BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

Groupon Taiwan resets user passwords after hack, but credit card details not leaked

From: Erica Absetz <erica () riskbasedsecurity com>
Date: Wed, 29 May 2013 10:18:53 -0500
http://thenextweb.com/asia/2013/05/28/groupon-taiwan-resets-user-passwords-after-hack-but-credit-card-details-not-leaked/

Groupon Taiwan has revealed that it has been the victim of a hack
which saw usernames and passwords belonging to its 4.1 million
registered users compromised. On the positive side, the intruders did
not access credit cards and financial details, the company said.

As Inside Taiwan reports [Chinese], the attack on the service — which
is Taiwan’s biggest group-buying site — took place last week. The
company has sent password reset prompts to all users compromised, but
it is not revealing exactly how many were affected.

A note on the company’s website went up this week explaining that all
passwords were encrypted and, in addition to credit cards numbers,
other personal data, including such as addresses, telephone numbers
and full names, was not accessed. It further explains that the data
breach affects Groupon’s business and customers in Taiwan only.

Groupon Taiwan says it has more than 4.1 million ‘regular’ customers,
with 200,000 people subscribed to its email newsletter. Groupon bought
its way into Taiwan when it acquired local service Atlaspost in
December 2010.
_______________________________________________
Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges. 

Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.
Previous By Date Next
Previous By Thread Next

Current thread: