Skip to main content

50 million affected in LivingSocial hack

Daily deals site LivingSocial on Friday afternoon disclosed that it suffered a major cyber attack on its computer systems that resulted in unauthorised access to customer data.

More than 50 million accounts were potentially affected by the cyberattack, a LivingSocial spokesman confirmed. The hackers had access to users' names, email addresses, birthdates, and encrypted passwords. On a more positive note, customer credit card and merchant financial information were not accessed in the attack.

LivingSocial on Friday began sending data breach notification emails to all affected customers noting that the company is working with law enforcement to investigate the attack. Though passwords were encrypted, and would be difficult for attackers to decode, LivingSocial has reset all affected users' passwords as a security precaution.

The breach appears to have impacted customers in all the countries in which LivingSocial operates, with the exception of Thailand, South Korea, Indonesia, and the Philippines, where the company uses different systems.

LivingSocial warned users to be on the lookout for phishing emails aiming to harvest their personal information as a result of the breach.

"Please note that LivingSocial will never ask you directly for personal or account information in an email," the company said in its notification to customers. "We will always direct you to the LivingSocial website — and require you to login — before making any changes to your account. Please disregard any emails claiming to be from LivingSocial that request such information or direct you to a different website that asks for such information."

In an email to employees on Friday, LivingSocial CEO Tim O'Shaughnessy said the company is "redoubling efforts to prevent any issues in the future."

LivingSocial is, of course, just the latest company to experience a massive data breach. Other recent breach victims have included LinkedIn, Evernote, and Zappos.