LivingSocial Breach Leaves 50 Million Customers Vulnerable
LivingSocial, a website that provides users with deals on a daily basis, has been hacked, it revealed in a memo to employees and later on with a public statement to users. According to a spokesperson, hackers breached the system and pulled quite a bit of user data, including usernames, encrypted passwords, birth dates, and email addresses of potentially 50 million users. Fortunately, financial information was not accessed.
As a result of the breach, LivingSocial has begun resetting users' passwords, and is also sending off emails to customers advising them of the situation, with the exception of users located in South Korea, Thailand, the Philippines, and Indonesia because those systems weren't harmed. Fortunately, while the hackers got some information, the passwords were encrypted.
Users will need to create a new password now that their current one has been reset. Said LivingSocial in a memo to its employees: "We recently experienced a cyberattack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue."
Although the passwords were encrypted, the possibility exists that they could be cracked, and because of this LivingSocial is encouraging its users to create new passwords on their other online accounts, such as banking, social networking, and email accounts, that use the same password or one close to it. In addition, LivingSocial is also advising users that any emails they may receive requesting password information is a phishing attempt and should be deleted.
[via New York]