Groupon India suffers massive security breach
Wednesday 29 June 2011
The Indian subsidiary of online deals giant Groupon has accidentally published email addresses and passwords of its 300,000-strong subscriber database, reports and the company said.
Daniel Grzelak, founder of the Internet security website shouldichangemypassword.com, found the security breach of sosasta.com while running a Google search for publicly available databases.
"A few hours and tweaks later, this database came up," he told the Internet security site risky.biz. "I started scrolling, and scrolling, and I couldn't get to the bottom of the file. Then I realised how big it actually was."
Sosasta.com, an online discount portal acquired by Groupon in January 2011, alerted its subscribers Tuesday and posted a message on its Facebook page asking users to "change your Sosasta password immediately".
"Over this weekend, we have been alerted to a security issue potentially affecting subscribers of Sosasta. We wanted to let you know that the issue has been brought under control and your accounts are secure," the message said.
Grzelak's website shouldichangemypassword.com holds a database of 1.3 million compromised email addresses, allowing users to check if their own email address is among those deemed unsafe.
"There are thousands of these databases indexed by Google," he told Risky.biz. "This just happened to be by far the biggest I found."
Groupon said it would review Sosasta's security procedures and put in place "measures designed to prevent this kind of issue from recurring," risky.biz reported.
"Groupon takes security and privacy very seriously. Our users' trust is of paramount importance to us and we deeply regret this incident," it quoted the firm as saying. "This issue does not affect data from any other country or region."
Groupon, based in Chicago, announced plans to go public earlier this month, after turning down a $6 billion takeover offer from Google last year. It currently has 83.1 million subscribers and operates in 43 countries.
The company operates on the principle of collective buying, negotiating with businesses to offer discounted purchases which come into effect when a minimum number of subscribers agree to pay for the same deal.
Life & Style blogs
Looking past the search results: Google 2.0 will 'build airports and cities' says report
Jennifer Lawrence nude pictures leaked: Reddit removes 'The Fappening' board dedicated to sharing naked pictures of celebrities
Anti-depressants can change how the brain works in just hours
iPhone 'Wave': iOS 8 hoax claims you can charge your iPhone in the microwave - you can't
The 'Angelina Jolie effect': Her mastectomy revelation doubled NHS breast cancer testing referrals
Daniele Watts: Django Unchained actress detained by Los Angeles police after being mistaken for a prostitute
Scottish independence referendum: A nation divided against itself
Scottish referendum results: Cross-party consensus collapses amid Tory-Labour spat on the 'English question'
Scottish independence: David Cameron is becoming the 'George Bush of Britain'
Russia freezes Ukraine into submission: Kiev admits country doesn't have enough fuel for winter
Scottish independence: The Queen breaks silence on referendum debate – as think tank warns of £14bn black hole if Scotland votes Yes
- 1 Mario Balotelli: Staff at arson-hit Manchester Dogs' Home convinced Liverpool striker is behind five-figure donation
- 2 Friends 20th anniversary: Alison Jackson photographs reunited cast
- 3 A bottle of wine a day is not bad for you and abstaining is worse than drinking, scientist claims
- 4 The response to my Pizza Express review has been overwhelming, and taught me a lot about journalism
- 5 Free U2 album: How the most generous giveaway in music history turned into a PR disaster
£75 - £90 per day + negotiable: Randstad Education Group: Are you a cover supe...
£30000 - £35000 per annum: Ashdown Group: Marketing Manager (CIM, B2B, MS Offi...
£22000 - £25000 per annum: Ashdown Group: A highly successful organisation wit...
£1 per day: Randstad Education Leeds: Job Purpose To work closely with the he...