Groupon Leaks User Database
Groupon India‘s SoSasta.com Leaks User Database
With hackers stealing and publishing private data every other day, the last place you’d expect a data leak to come from is inside a company. But according to a report by Australia’s Risky Business, that’s what happened on Tuesday at Groupon’s India-based website, SoSasta.
Security consultant Daniel Grzelak claims he was searching Google on June 24 when he discovered the massive database, which includes the email addresses and passwords of thousands of SoSasta users.
“I started scrolling, and scrolling and I couldn’t get to the bottom of the file. Then I realised how big it actually was,” Grzelak told Risky Business’s Patrick Gray, who estimates that 300,000 user accounts were compromised.
ZDNET’s India IT blog reports that Groupon sent the following email to local users on Monday:
Over this weekend, we’ve been alerted to a security issue potentially affecting subscribers of Sosasta. We wanted to let you know that the issue has been brought under control and your accounts are secure. However, as a precautionary measure, we recommend that you change your SoSasta password immediately, by visiting the SoSasta website[…]
Please be aware that none of your financial information (Credit Card, Debit Card, NetBanking etc) has been compromised since this information is not stored on SoSasta, as per law.
However, writes ZDNET, the email apparently did not reach all Sosasta’s users.
Groupon’s U.S. customers shouldn’t be affected by this leak, according to a statement Groupon sent to Risky Business. “Sosasta runs on its own platform and servers, and is not connected to Groupon sites in other countries,” said the statement.
Grzelak noted to Risky Business that these accidental leaks occur fairly often, though not usually as large. He told risky business that he was searching Google on Friday for “publicly accessible databases containing e-mail address and password pairs,” such as those that have been exposed in recent LulzSec hack attacks, among other security breaches. Grzelak has compiled a list of such information at ShouldIChangeMyPassword.com, where users can check to see if their personal information has been made public.
Tumblr Logins Stolen In Widespread Phishing Attack: GFI Labs
Tumblr Logins Stolen In Widespread Phishing Attack: GFI Labs
“Thousands” of Tumblr logins have reportedly been compromised after a widespread phishing attack scammed users into handing their information over to an untrustworthy third party.
According to a post from GFI Labs, a part of software vendor GFI Software, the attack started with a site, designed to look like an official Tumblr page, that offered people the chance to take a “Tumblr IQ Society” quiz if they entered their login credentials. The scam has evolved, and now uses the promise of pornography to get at people’s information, directing people to a landing page that reads, “This page contains adult content. Please revalidate your credentials.”
“The problem does indeed seem to be out of control at this point,” wrote GFI Labs in a blog post, noting that the scammers have successfully grown the scale of the attack by taking over the compromised accounts and using them gain access to even more logins.
GFI Labs writes,
The pages involved are all regular Tumblr users who have previously been compromised. Once hijacked, their pages are converted into the fake logins and then sent into the world following regular Tumblr accounts. At that point, the phisher hopes those same accounts will visit the fake login, enter their details and keep the cycle going.
Tumblr did not immediately respond to a request for comment on the matter.
Users can find out more about phishing scams affecting Tumblr on Phishing-Alert.Tumblr.com. An email allegedly from Tumblr, obtained by GFI Labs, outlines additional advice Tumblr has for users who have been affected by the scam. The email advises these users to immediately change their passwords and has instructions for how to change the appearance of their page.
Were you affected by the phishing scam? Let us know in the comments below.