Groupon India suffers massive security breach
Wednesday 29 June 2011
The Indian subsidiary of online deals giant Groupon has accidentally published email addresses and passwords of its 300,000-strong subscriber database, reports and the company said.
Daniel Grzelak, founder of the Internet security website shouldichangemypassword.com, found the security breach of sosasta.com while running a Google search for publicly available databases.
"A few hours and tweaks later, this database came up," he told the Internet security site risky.biz. "I started scrolling, and scrolling, and I couldn't get to the bottom of the file. Then I realised how big it actually was."
Sosasta.com, an online discount portal acquired by Groupon in January 2011, alerted its subscribers Tuesday and posted a message on its Facebook page asking users to "change your Sosasta password immediately".
"Over this weekend, we have been alerted to a security issue potentially affecting subscribers of Sosasta. We wanted to let you know that the issue has been brought under control and your accounts are secure," the message said.
Grzelak's website shouldichangemypassword.com holds a database of 1.3 million compromised email addresses, allowing users to check if their own email address is among those deemed unsafe.
"There are thousands of these databases indexed by Google," he told Risky.biz. "This just happened to be by far the biggest I found."
Groupon said it would review Sosasta's security procedures and put in place "measures designed to prevent this kind of issue from recurring," risky.biz reported.
"Groupon takes security and privacy very seriously. Our users' trust is of paramount importance to us and we deeply regret this incident," it quoted the firm as saying. "This issue does not affect data from any other country or region."
Groupon, based in Chicago, announced plans to go public earlier this month, after turning down a $6 billion takeover offer from Google last year. It currently has 83.1 million subscribers and operates in 43 countries.
The company operates on the principle of collective buying, negotiating with businesses to offer discounted purchases which come into effect when a minimum number of subscribers agree to pay for the same deal.
Life & Style blogs
iPhone 6s Plus photos: leaks show Force Touch display, subtly altered size
iPhone 6s and 6s Plus battery capacity will be weaker than predecessors, Apple leaks suggest
Pansexual: What is it - and when did the term gain popularity?
Amazon Prime Video launches offline viewing, feature Netflix has said is 'never going to happen'
How to discover who your best friends are on WhatsApp - using a tool within the application
Climate change: 2015 will be the hottest year on record 'by a mile', experts say
Jeremy Corbyn calls Osama bin Laden's killing a 'tragedy' - but was it taken out of context?
If these extraordinarily powerful images of a dead Syrian child washed up on a beach don’t change Europe’s attitude to refugees, what will?
Senior British politicians tell David Cameron: When dead children are being washed up on beaches, it's time to act
If you're not already angry about the refugee crisis, here's a history lesson to remind you why you really should be
Theresa May says migrants should be banned from entering the UK unless they have jobs lined up
- 2 Moscow voted the world's unfriendliest city
- 3 The excuses your boss is most likely to believe when you call in sick
- 4 I'm pansexual – here are the five biggest misconceptions about my sexuality
- 5 More than 11,000 Icelanders offer to house Syrian refugees to help European crisis
£40000 - £42000 per annum: Recruitment Genius: This is an exciting opportunity...
£35000 - £40000 per annum: Recruitment Genius: This IT support company has a n...
Negotiable: Recruitment Genius: A works engineer is required in a progressive ...
£21000 - £25000 per annum: Recruitment Genius: Our client is seeking someone w...