Home & Office

Groupon user data leaked in India

Indian subsidiary of daily deals giant inadvertently published passwords belonging to user accounts in the country, but company says breach has been fixed, note news reports.
Written by Jamie Yap, Contributor

The passwords and e-mail addresses of users of Indian daily deal site, SoSasta, which was acquired by Groupon in January, have been accidentally leaked on the Internet, according to various news reports.

According to a report Wednesday by news wire Reuters, Groupon was first alerted of the data leak on Friday. It did not indicate the number of SoSasta subscribers but said it "fixed the problem immediately" and removed the information that had been "unintentionally shared".

Groupon also advised SoSasta users to change their passwords as soon as possible, Reuters reported.

It added that customers of the daily deals site in other regions were not affected since SoSasta operates its own platform and servers, and is not connected to other Groupon sites in other countries.

A report from Huffington Post noted that it was Australian security consultant, Daniel Grzelak, who discovered the leak on Jun. 24 whilst searching for SQL database files that were Web accessible on Google.

Grzelak informed security blog, Risky Biz, that the leaked data contained e-mail addresses and passwords of some 300,000 SoSasta users, it added.

Editorial standards