Sosasta.com, the Indian subsidiary of online deals giant Groupon, accidentally published email addresses and passwords of its 300,000-strong subscriber database.
Daniel Grzelak, founder of www.shouldichangemypassword.com, found the security breach while running a Google search for publicly available databases. ?Grzelak’s website shouldichangemypassword.com holds a database of 1.3 million compromised email addresses, allowing users to crosscheck if their email address is among those deemed unsafe.
Sosasta.com, an online discount portal acquired by Groupon in January 2011, alerted its subscribers and posted a message on its Facebook page requesting users to “change their Sosasta password immediately.
Groupon said it would review Sosasta’s security procedures and take necessary measures to prevent this kind of issue in future.
The firm quoted “Groupon takes security and privacy very seriously. Our users’ trust is of paramount importance to us and we deeply regret this incident.” The firm also added “This issue does not affect data from any other country or region.”
Groupon, based in Chicago, announced plans to go public earlier this month. It currently has 83.1 million subscribers and operates in 43 countries.
Source: Emirates 24/7