LivingSocial was recently the target of a massive security attack that left the hackers with identities of more than 50 million users, according to AllThingsD and an internal memo obtained by the news outlet. The identifying information includes names, birthdays, email addresses and passwords. The company maintains that the passwords were encrypted, so it sounds as if the hackers will need to crack the encryption before they can access an account. You should still change your password right now.
AllThingsD confirmed the report with LivingSocial’s press representatives. The company is advising that users visit their website and immediately create a new password. The email that was sent an email to employees and obtained by AllThingsD is as follows:
Re: Security Incident
LivingSocialites –
This e-mail is important, so please read it to the end.
We recently experienced a cyber-attack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue.
The information accessed includes names, email addresses, date of birth for some users, and encrypted passwords — technically ‘hashed’ and ‘salted’ passwords. We never store passwords in plain text.
Two things you should know:
1. * The database that stores customer credit card information was not affected or accessed.
2. * The database that stores merchants’ financial and banking information was not affected or accessed.
The security of our customer and merchant information is our priority. We always strive to ensure the security of our customer information, and we are redoubling efforts to prevent any issues in the future.
To ensure our customers and merchants are fully informed and protected, we are notifying those who may have been impacted via email explaining what happened, expiring their passwords, and requesting that they create new passwords. A copy of the note is included below this email.
If you have any questions or concerns, please visit Pulse –https://pulse.livingsocial.com/intranet/Home/more_updates.html — for a list of frequently asked questions. If you have additional questions that aren’t answered in the FAQs, please submit them via email to [email protected].
Because we anticipate a high call volume and may not be able to answer or return all calls in a responsible fashion, we are likely to temporarily suspend consumer phone-based servicing. We will be devoting all available resources to our web-based servicing.
I apologize for the formality of this note, which the circumstances demand. We need to do the right thing for our customers who place their trust in us, and that is why we’re taking the steps described and going above and beyond what’s required. We’ll all need to work incredibly hard over the coming days and weeks to validate that faith and trust.
– Tim
LivingSocial apologized for the incident and says that privacy is a top concern.
Win an iPhone, iPad and Apple Watch with the Reader's Choice giveaway!
What's the best phone of 2019? Is it the iPhone 11 Pro, Pixel 4 or OnePlus 7T? What about the best laptop, games console, tablet and more? Vote NOW in the Reader's Choice awards and win BIG in time for the holidays!
Here are the best products from IFA 2019!
Here are the products announced at IFA 2019 that were worthy of our Best of IFA 2019 awards. Also featuring MrMobile's single best product at the show!
Pixel 4 hands-on videos reveal all, including new 'Screen attention' mode
The Pixel 4 leaks continue to be fierce. Most recently, three hands-on videos showcasing the Pixel 4 in all of its glory have been uploaded to YouTube.
Maintaining your garden is easier with these pruning shears
Leave the scissors at your desk and the hedge trimmer in the shed. These pruning shears make light work of basic cutting tasks in your garden.
