Groupon user data leaked in India

Groupon user data leaked in India

Summary: Indian subsidiary of daily deals giant inadvertently published passwords belonging to user accounts in the country, but company says breach has been fixed, note news reports.


The passwords and e-mail addresses of users of Indian daily deal site, SoSasta, which was acquired by Groupon in January, have been accidentally leaked on the Internet, according to various news reports.

According to a report Wednesday by news wire Reuters, Groupon was first alerted of the data leak on Friday. It did not indicate the number of SoSasta subscribers but said it "fixed the problem immediately" and removed the information that had been "unintentionally shared".

Groupon also advised SoSasta users to change their passwords as soon as possible, Reuters reported.

It added that customers of the daily deals site in other regions were not affected since SoSasta operates its own platform and servers, and is not connected to other Groupon sites in other countries.

A report from Huffington Post noted that it was Australian security consultant, Daniel Grzelak, who discovered the leak on Jun. 24 whilst searching for SQL database files that were Web accessible on Google.

Grzelak informed security blog, Risky Biz, that the leaked data contained e-mail addresses and passwords of some 300,000 SoSasta users, it added.

Topics: Networking, CXO, Data Management, Security, IT Employment

Jamie Yap

About Jamie Yap

Jamie writes about technology, business and the most obvious intersection of the two that is software. Other variegated topics include--in one form or other--cloud, Web 2.0, apps, data, analytics, mobile, services, and the three Es: enterprises, executives and entrepreneurs. In a previous life, she was a writer covering a different but equally serious business called show business.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to start the discussion