Expert Insight On Instacart Customers’ Personal Data Sold On Dark Web

The personal details of the Instacart customers are sold on dark web conatining the last four digits of credit card numbers, and order histories. The information is being sold by sellers on two dark wen stores and has impacted “millions of customers across the US and Canada,” according to a company spokesperson.


EXPERTS COMMENTS
Chloé Messdaghi, VP of Strategy,  Point3 Security
July 24, 2020
These are historic times and some bad actors are driven to these types of attacks by urgent financial need.
It appears that once again, we’re seeing how important it is to keep your security platforms and staff in top form. This is the most personal information – where someone lives, their buying habits, etc., and esp. for people living alone, their information has been made public. The most likely bet is that this is a phishing situation. The most important thing is to let customers know their data ....
[Read More >>]
Paul Martini, CEO,  iboss
July 24, 2020
The reporting suggests this data is definitely legitimate.
The reporting suggests this data is definitely legitimate. If there was a breach of this size that occurred — and all signs suggest that it has — it shows how vulnerable cloud data and infrastructure is if not properly managed. This should call into question what cybersecurity decisions are being made while building and creating cloud services for consumers. With a proper cybersecurity program ....
[Read More >>]
Chris Clements, VP,  Cerberus Sentinel
July 24, 2020
It’s possible that Instacart has unknowningly suffered a breach.
Attribution is a common problem for data posted for sale on dark web forums. It’s possible that Instacart has unknowningly suffered a breach, but it’s also possible that the leak came from a third party with access to Instacart’s data. The unfortunate thing is that most organizations do not have good enough insight to how their data is accessed or where it may have proliferated to. Even if I ....
[Read More >>]
Chris Hauk, Consumer Privacy Champion,  Pixel Privacy
July 24, 2020
This is especially true for credit cards that have been used to order anything online.
The Instacart breach serves as a reminder to all credit card users to keep an eye on all of their credit card accounts for unusual activity. This is especially true for credit cards that have been used to order anything online. If you see any unusual activity on your credit card statements, immediately call your card issuers to dispute the charges and to receive a new card. It is also wise to inve ....
[Read More >>]
Thomas Richards, Principal Consultant,  Synopsys
July 24, 2020
Google and Facebook appear to have strong account password policies and protections
"From the information that has been released thus far, we know that Instacart allows users to use three possible methods of authentication: an Instacart account, Google, and Facebook. While Google and Facebook appear to have strong account password policies and protections, Instacart’s password policy only requires 6 characters. This is below the industry standard and is considered a weak passwo ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article