Yet another huge eCommerce player has suffered a private data leak with Instacart finding around 270,000 accounts from their userbase being sold on the black market. The stolen information includes full names, home addresses, last credit card digits, and more.
Instacart, the largest North American platform for online grocery shopping, had to confirm the incident after BuzzFeed News broke the story on its site. However, in the official statement, the company claims innocence, saying there was no leak or breach on their end. According to them, the users are to blame — for reusing the same names and passwords on multiple sites. When hackers steal data from other platforms, the statement says, they begin to use the obtained information for brute force attacks on numerous sites until essentially hitting jackpot.
But Instacart doesn’t really do much to help its costumers with increasing online security, points out TechCrunch. Their site does not offer two-factor authentication which would have significantly minimize the possibility of the attacks like that.