Groupon’s User Database Leaks In India

Groupon subscribers in India are warned that their account password is now compromised and cannot be relied upon anymore due to user database leakage of the company.

The leakage was found by a former Australian security consultant Daniel Grzelak when he was finding for publicly accessible database containig e-mail address and password pairs. Grzelak quickly contacted Groupon’s Indian subsidiary Sosasta.com regarding that matter. Within 24 hours, CEO of Groupon, Andrew Mason called him back personally.

After that, the company removed the database. Reason of the incident is still unknown and it is under investigation. All users are already being notified about this.

Grzelak said that this kind of accidental disclosure is not uncommon but until now Groupon’s database is the bigggest one he has found. He was actually searching for more compromised accounts to add to his website shouldichangemypassword.com. The website allows any internet user to search a database of know-compromised e-mail address and password pairs to see if their password has been compromised.

Add comment

Comments

No comments yet.