<?xml version="1.0" encoding="UTF-8"?><rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/"
     xmlns:dc="http://purl.org/dc/elements/1.1/"
     xmlns:atom="http://www.w3.org/2005/Atom"
     xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
     xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
     xmlns:georss="http://www.georss.org/georss"
     xmlns:geo="http://www.w3.org/2003/01/geo/wgs84_pos#"
     xmlns:media="http://search.yahoo.com/mrss/">
    <channel>
        <title><![CDATA[Instacart user data reportedly for sale on dark web at $2 per account]]></title>
        <atom:link href="https://usagag.com/2020/07/23/instacart-user-data-reportedly-for-sale-on-dark-web-at-2-per-account/" rel="self" type="application/rss+xml" />
        <link>https://usagag.com/2020/07/23/instacart-user-data-reportedly-for-sale-on-dark-web-at-2-per-account/</link>
        <lastBuildDate>Thu, 23 Jul 2020 12:20:28 +0000</lastBuildDate>
        <sy:updatePeriod>hourly</sy:updatePeriod>
        <sy:updateFrequency>1</sy:updateFrequency>
        <generator>https://usagag.com</generator>
        <media:content url="/uploads/2020/07/instacart-user-data-reportedly-for-sale-on-dark-web-at-2-per-account.jpg" medium="image">
            <media:title type="html">Instacart user data reportedly for sale on dark web at $2 per account</media:title>
        </media:content>
        <content:encoded><![CDATA[<p>Illicit merchants are selling personal data for thousands of Instacart users on the dark web at bargain-bin prices, a new report says.</p><p>Information for as many as 278,531 of the grocery delivery service&#8217;s accounts — including names, order histories, email addresses and partial credit card numbers — was on sale in two dark web stores for roughly $2 a pop, <strong>BuzzFeed News reported</strong> Wednesday.</p><p>The trove of accounts appeared to include people who had used Instacart as recently as Tuesday, though some of them could be duplicates or &#8220;not genuine,&#8221; according to the outlet.</p><p>The sellers reportedly began uploading the data in June and appeared to continue adding listings into this week — but it&#8217;s uncertain where the data came from or how it was obtained.</p><p>Instacart did not immediately respond to The Post&#8217;s request for comment Thursday morning. But the San Francisco-based startup told BuzzFeed that it had not suffered a data breach, though hackers may have targeted individual users with &#8220;phishing or credential stuffing techniques.&#8221;</p><p>Phishing is a form of cyberattack in which hackers use bogus emails to get personal information, while credential stuffing uses known pairs of usernames and passwords to break into user accounts.</p><p>&#8220;In instances where we believe a customer’s account may have been compromised through an external phishing scam outside of the Instacart platform or other action, we proactively communicate to our customers to auto-force them to update their password,&#8221; an Instacart spokesperson told BuzzFeed.</p><p>The incident also appeared to affect only a subset of Instacart&#8217;s users — the company had &#8220;millions of customers&#8221; in the US and Canada as of April, according to BuzzFeed.</p><p>But some customers whose data was listed for sale reportedly said Instacart should have told them if it knew their data had been harvested.</p><p><span >&#8220;</span><span >It’s hard to know what to say, not knowing if it’s a result of [Instacart&#8217;s] negligence,&#8221; one user, Hannah Chester, told BuzzFeed. &#8220;</span><span >But if they’re aware that this happened and haven’t informed us, that’s problematic.&#8221;</span></p><p>Instacart&#8217;s business has boomed as the coronavirus pandemic and related lockdowns caused demand for grocery delivery to surge. The firm <strong>announced</strong> last month that it had raised $225 million in new financing, growing its valuation to $13.7 billion.</p>]]></content:encoded>
                <dc:creator><![CDATA[USAGAG]]></dc:creator>
            </channel>
</rss><!--Time: 0.041868925094604-->