Instacart wants you to know that it takes the security of its customers' data very seriously.
With that in mind,??? ?? ?? ??? the grocery-delivery dispatcher announced Thursday that if your account data is among the scores reportedly being sold on the dark web. then it's probably your fault.
According to the late afternoon blog post, a number of Instacart customers likely fell victim to what is known as credential stuffing. In no way, Instacart insists, was its platform "compromised or breached."
For the blissfully unaware, credential stuffing is a form of hacking that relies on victims reusing the same password across multiple online accounts (which people tend to do). So, if hackers manage to get ahold of emails and passwords from one service — like, possibly, TicketFly — they can then try those combinations en masse on a host of other platforms.
That, Instacart claims, is what it believes happened to its customers.
This Tweet is currently unavailable. It might be loading or has been removed.
"In this instance, it appears that third-party bad actors were able to use usernames and passwords that were compromised in previous data breaches of other websites and apps to login to some Instacart accounts," reads the blog post. "In some instances, this would have given the third party bad-actors access to basic customer account information such as first name, address, last order, total order number, and in some cases, the last four digits of a customer's credit card."
Of course, if Instacart offered two-factor authentication (and people used it) then this entire mess could have been avoided. As far as we can tell, Instacart does not offer this standard security feature. Its help page makes no mention of it, for starters. We also created an account, and attempted to enable the feature to no avail.
We reached out to the company for comment and to confirm that it does not offer 2FA, but received no immediate response.
Instacart doesn't get into specifics about how many customers were affected (we also asked that when we reached out to the company), but thankfully a Wednesday report from BuzzFeed News does. According to the publication, "sellers in two dark web stores were offering information from what appeared to be 278,531 accounts, although some of those may be duplicates or not genuine."
SEE ALSO: Instacart will provide 'safety kits' to Shoppers, but still no hazard pay
That, if Instacart is to be believed, represents a lotof reused passwords.
Thankfully, however, its customers can rest easy knowing that the "security of [Instacart's] customers' accounts and data is a top priority," and that Instacart thinks this entire mess was probably their fault anyway.
Topics Cybersecurity
Jennifer Aniston posts adorable throwback, proves she already has Instagram nailed
Best foot massager deal: Save $65 on Renpho Shiatsu Foot Massager
People are making fun of Airbnb's new Chinese name
Cute grandparents are devoted to 2 things: Each other and In
Scientists say they conversed with a whale. It may be practice for aliens.
Trump's latest poll: Do you like Trump? Yes or yes?
Pray for the Cadbury social media manager who's frantically fending off trolls
One brewery's latest beer took the trip from the toilet to the tap
Wordle today: The answer and hints for January 13
Can you tell which picture of a giant cock is actually Donald Trump?
Porn viewers skyrocket during work hours, study finds
Woody Harrelson has apparently quit smoking weed
Americans are eating less beef. Here's why that matters for climate change
This 'Time' cover will give you a reality check about Trump's America
Ryzen 5 3600 vs. 3600X: Which should you buy?
Zoo sues advertising agency for using raccoon in 'erotic' video
'Banana for scale' is put to bed by this very weird apartment listing
Former president of Mexico slams Donald Trump's (SAD!) approval ratings
10 Tech Enthusiast Guilty Pleasures
UberEATS is delivering alcohol now, but probably not in the way you were hoping
JACCC Presents ‘Bridge to Joy’ This FridayGate.io Hosts Elys Network TGEHaven1 Secures $4.6m in Private Round, Backed by Industry GiantsNatsumatsuri — A Free Day of Fun for AllSowing the Seeds of HopeSuma Sugi Yokotake: The Woman Who Became the First JA Lobbyist (Part 2)'In This Corner of the World' Opens FridayA Local Marvel in ActionBTSD Toro Nagashi, Bon Odori at Balboa ParkThe Quantum Post Debuts in Lisbon Snap launches Dual Camera for all Snapchatters 8 organizations working to solve the gender gap in education — and how to help them Wordle today: Here's the August 25 Wordle answer and hints NFT marketplace trading is down big as crypto winter rages on Instagram's testing a new feature that steps on BeReal's turf Yelp adds new alert for crisis pregnancy centers Brazil suspends iPhone sales until Apple includes a charger in the box Chadwick Boseman wins posthumous Emmy for Marvel animated series 'Quordle' today: See each 'Quordle' answer and hints for August 24 Twitter is finally testing an edit button
0.1733s , 9929.6796875 kb
Copyright © 2025 Powered by 【??? ?? ?? ???】Enter to watch online.Instacart insists it's probably your fault if your account got hacked,
