Sosasta.com, the Indian subsidiary of group discount outfit Groupon, has leaked its entire user database online.
The database, which includes e-mail addresses and clear-text passwords of some 300,000 users, may have been published on the web by mistake although some reports suggest the outfit was the victim of a hack.
In a statement, Sosasta said: "Over this weekend, we've been alerted to a security issue potentially affecting subscribers of Sosasta. We wanted to let you know that the issue has been brought under control and your accounts are secure.
"However, as a precautionary measure, we recommend that you change your SoSasta password immediately, by visiting the SoSasta website. If you use the same email/password combination at other websites, we recommend you change those passwords as soon as possible, too."
An Australian security consultant said he stumbled across the leaked data searching for databases containing e-mail address and password pairs according to thinq_