Tech

LivingSocial HACKED: 5 Fast Facts You Need to Know

LivingSocial Hacked

LivingSocial, Amazon’s daily deals website, has been hacked. Here’s what you should know about the breach and what LivingSocial users have been told to do to keep themselves safe.


1. 50 Million Customers Are in the Hacked Database
LivingSocial Hacked
AllThingsD reported that 50 million of LivingSocial’s customers have been affected by this latest online hacking. Customers’ names, e-mails, home addresses, passwords, and some users’ dates of birth were compromised during the hacking. On the company’s home page, a red message notifier at the top of the website can be seen telling users to change their passwords — ASAP.


2. The Hack Affects Users Worldwide
LivingSocial Hacked
The hack affected all countries in which LivingSocial does business, except four: Thailand, Malaysia, Indonesia and the Philippines. LivingSocial’s two other sub-units, Ticketmonster and Ensogo, were also safe since they were on different servers.


3. LivingSocial Just Got Some Cash to Cover Big Losses
LivingSocial Hacked

AllThingsD reported that the online deals company just received some funds from its investor due to the losses it recently accrued:

The attack comes at a tough time for the company, since it has been trying to turn itself around after a downturn across the daily deals landspace. LivingSocial just got a large cash infusion recently from investors to help staunch its losses. Amazon owns 29 percent of the company.

The Washington Post offered more insight into the company’s financial status, which is improving:

Daily deals company LivingSocial cut its operating losses nearly in half during the first quarter of 2013 as revenue surged and cost cutting efforts took hold. The District-based firm reported an operating loss of $44 million for the first quarter of 2013, compared with the $91 million operating loss the company recorded during the same period a year ago, according to a regulatory filing. Revenue jumped to $135 million during the first quarter, compared with $110 million during the same period a year ago.


Share this with your LivingSocial friends!

Share Tweet Share Email

4. An E-Mail Was Sent to Those Who Have Been Hacked
The following e-mail (which was sent from LivingSocial’s CEO Tim O’Shaughnessy) was sent to the customers whose information was accessed during the hacking:

Subject: An important update on your LivingSocial.com account
LivingSocial recently experienced a cyber-attack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue.
The information accessed includes names, email addresses, date of birth for some users, and encrypted passwords — technically ‘hashed’ and ‘salted’ passwords. We never store passwords in plain text.
The database that stores customer credit card information was not affected or accessed.
Although your LivingSocial password would be difficult to decode, we want to take every precaution to ensure that your account is secure, so we are expiring your old password and requesting that you create a new one.
For your security, please create a new password for your < > account by following the instructions below.
1. Visit LivingSocial.com
2. Click on the “Create a New Password” button (top right corner of the homepage)
3. Follow the steps to finish
We also encourage you, for your own personal data security, to consider changing password(s) on any other sites on which you use the same or similar password(s).
The security of your information is our priority. We always strive to ensure the security of our customer information, and we are redoubling efforts to prevent any issues in the future.
Please note that LivingSocial will never ask you directly for personal or account information in an email. We will always direct you to the LivingSocial website — and require you to login — before making any changes to your account. Please disregard any emails claiming to be from LivingSocial that request such information or direct you to a different website that asks for such information.
If you have additional questions about this process, the “Create a New Password” button on LivingSocial.com will direct you to a page that has instructions on creating a new password and answers to frequently asked questions.
We are sorry this incident occurred, and we look forward to continuing to introduce you to new and exciting things to do in your community.
Tim O’Shaughnessy
CEO, LivingSocial


5. An E-mail Was Also Sent to LivingSocial’s Employees
This e-mail was sent to the staff of LivingSocial:

Re: Security Incident
LivingSocialites –
This e-mail is important, so please read it to the end.
We recently experienced a cyber-attack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue.
The information accessed includes names, email addresses, date of birth for some users, and encrypted passwords — technically ‘hashed’ and ‘salted’ passwords. We never store passwords in plain text.
Two things you should know:
1. * The database that stores customer credit card information was not affected or accessed.
2. * The database that stores merchants’ financial and banking information was not affected or accessed.
The security of our customer and merchant information is our priority. We always strive to ensure the security of our customer information, and we are redoubling efforts to prevent any issues in the future.
To ensure our customers and merchants are fully informed and protected, we are notifying those who may have been impacted via email explaining what happened, expiring their passwords, and requesting that they create new passwords. A copy of the note is included below this email.
If you have any questions or concerns, please visit Pulse –https://pulse.livingsocial.com/intranet/Home/more_updates.html — for a list of frequently asked questions. If you have additional questions that aren’t answered in the FAQs, please submit them via email to XXX@livingsocial.com.
Because we anticipate a high call volume and may not be able to answer or return all calls in a responsible fashion, we are likely to temporarily suspend consumer phone-based servicing. We will be devoting all available resources to our web-based servicing.
I apologize for the formality of this note, which the circumstances demand. We need to do the right thing for our customers who place their trust in us, and that is why we’re taking the steps described and going above and beyond what’s required. We’ll all need to work incredibly hard over the coming days and weeks to validate that faith and trust.
– Tim

Respond To This

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

More Tech you need to know