After hack, LivingSocial tells 50M users to reset passwords
Users' names, email addresses and passwords may have been accessed, CEO Tim O'Shaughnessy said
IDG News Service - More than 50 million users of the daily deals site LivingSocial are being asked to reset their passwords after hackers attacked the company's servers and potentially made off with personal data.
The cyberattack "resulted in authorized access to some customer data on our servers," including names, email addresses, dates of birth and encrypted passwords, LivingSocial CEO Tim O'Shaughnessy said in an email to employees and in a separate email being sent to customers.
The database that stores customer credit card information was not affected, nor was the database that stores merchants' financial and banking information, the Washington, D.C.-based company said.
Although decoding users' passwords "would be difficult," the site says it is taking "every precaution" by expiring its users' passwords and asking them to create a new one. Emails are being sent this afternoon to the more than 50 million users whose data may have been compromised, a LivingSocial spokesman said.
LivingSocial says it has 70 million members worldwide. Customers in Korea, Thailand, Indonesia and the Philippines aren't being contacted because the company uses different computer systems in those countries, it said.
The group behind the attack has not been identified. "We are actively working with law enforcement to investigate this issue," LivingSocial said on its website.
The hack may have resulted in users' accounts on other sites being compromised. "We also encourage you, for your own personal data security, to consider changing password(s) on any other sites on which you use the same or similar password(s)," O'Shaughnessy said.
"We need to do the right thing for our customers who place their trust in us," O'Shaughnessy said in the employee email, adding, "We'll all need to work incredibly hard over the coming days and weeks to validate that faith and trust."
The hack follows a slew of attacks on Twitter, Facebook, Microsoft and other companies. LivingSocial said it is "redoubling" its efforts to prevent future breaches.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts