Look no further, Groupon India has it all revealed!
300,000 email addresses and passwords – check!
Computer – check!
Internet – check!
That’s all you need to get hold of one of the biggest databases ever published (“accidentally”) online by an organisation. Wednesday 29th June 2011 turned out to be pretty unlucky for subscribers to the Indian subsidiary of online deals giant, Groupon. In a statement sent to a global news agency, AFP, Groupon “was alerted to a security issue”affecting its sosasta.com subsidiary last Friday and that it “corrected the problem immediately”.
“We have begun notifying our subscribers and advising them to change their Sosasta passwords as soon as possible. We will keep our subscribers fully informed as we learn more”, it added.
Sosasta, an online discount portal acquired in January 2011 posted a notice on Facebook saying it had fixed a security issue and that no financial information, including bank details were compromised.
What a relief!
It was one man who discovered the fatal mistake and prevented data from getting into wrong hands. Daniel Grzelak, founder of the Internet security website shouldichangemypassword.com accidentally discovered this security breach when running a Google search for private-account data exposed by hackers including email addresses and passwords.
Grzelak was surprised when Groupon’s data came up in search results:
“I started scrolling, and scrolling and I couldn’t get to the bottom of the file. Then I realized how big it actually was”, he told Risky.biz.
Aren’t all these “gaffes” too frequent lately? Sony, Google, Nintendo and Travelodge have been headlining media with security breaches to their customer databases. Why don’t companies learn on each other’s mistakes and start implementing some solid security planning, following the good old “plan-do-check-act” rule?
Is YOUR corporate data safe? Are YOUR staff aware of incorrect use of company’s database? Do YOU know how to protect your corporate assets?
If you answered ‘no’ to any of the questions above it’s time to act NOW!
Our Data breaches: Trends, costs and best practices (PDF E-report) is a real eye-opener and will help you protect your corporate information from getting stolen.