Quantcast

LivingSocial Hacked: 50M+ Emails & Passwords, but No Credit Card Info

Get the WebProNews Newsletter:


LivingSocial Hacked: 50M+ Emails & Passwords, but No Credit Card Info
[ Technology]

Daily deals site LivingSocial is the latest major tech company to fall victim to hackers. According to the Washington D.C.-based company, the hack exposed over 50 million users’ email addresses, passwords, birthdates, and more – but no financial information.

All Things D obtained an internal memo that explains the nature of the attack:

We recently experienced a cyber-attack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue.The information accessed includes names, email addresses, date of birth for some users, and encrypted passwords – technically ‘hashed’ and ‘salted’ passwords. We never store passwords in plain text.

and…

The database that stores customer credit card information was not affected or accessed. The database that stores merchants’ financial and banking information was not affected or accessed.

If your LivingSocial account was affected, you’ll likely be receiving an email soon notifying you of the hack. It’ll ask you to create a new password and “consider changing password(s) on any other sites on which you use the same or similar password(s)”

Here’s the full email that’s being sent out to customers:

Subject: An important update on your LivingSocial.com account

LivingSocial recently experienced a cyber-attack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue.

The information accessed includes names, email addresses, date of birth for some users, and encrypted passwords – technically ‘hashed’ and ‘salted’ passwords. We never store passwords in plain text.

The database that stores customer credit card information was not affected or accessed.

Although your LivingSocial password would be difficult to decode, we want to take every precaution to ensure that your account is secure, so we are expiring your old password and requesting that you create a new one.

For your security, please create a new password for your < > account by following the instructions below.

1. Visit LivingSocial.com

2. Click on the “Create a New Password” button (top right corner of the homepage)

3. Follow the steps to finish

We also encourage you, for your own personal data security, to consider changing password(s) on any other sites on which you use the same or similar password(s).

The security of your information is our priority. We always strive to ensure the security of our customer information, and we are redoubling efforts to prevent any issues in the future.

Please note that LivingSocial will never ask you directly for personal or account information in an email. We will always direct you to the LivingSocial website — and require you to login — before making any changes to your account. Please disregard any emails claiming to be from LivingSocial that request such information or direct you to a different website that asks for such information.

If you have additional questions about this process, the “Create a New Password” button on LivingSocial.com will direct you to a page that has instructions on creating a new password and answers to frequently asked questions.

We are sorry this incident occurred, and we look forward to continuing to introduce you to new and exciting things to do in your community.

Tim O’Shaughnessy

CEO, LivingSocial

LivingSocial Hacked: 50M+ Emails & Passwords, but No Credit Card Info
Top Rated White Papers and Resources
  • http://www.nytfundament.dk Hjemmeside

    Makes me think about how secure these big firms, which we gladly give all our information, really are…

  • http://darrenchaker.us Darren Chaker

    Mass hacking seems to be very common. The issue is that most laws force a consumer whose info was stolen to prove damages, for example a fraudulent credit card was opened up. The issues then becomes, proving information which originated from the hacked site resulted in the credit card being issued – in short if you are not the feds, and cannot catch the hacker, or the person/organized crime cartel responsible for many of these hacks, you can’t get any recovery from the company who compromised your data.

  • Scotto

    They are full of $#$#$, one day after this was announced i had multiple fraudulent charges from Hong fricking Kong on the credit card on file with Living Social. I have only used that credit card there.

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom