Daily deals website LivingSocial (second only to Groupon) has disclosed that they have been hacked and that the attacker accessed the names, email addresses and “encrypted” passwords of 50 million customers worldwide.
“We recently experienced a cyber-attack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue,” the site told customers.
“We are sorry this incident occurred, and we look forward to continuing to introduce you to new and exciting things to do in your community.”
Customers are now urged to reset their passwords. However, if you log in to LivingSocial through Facebook Connect, you do not need to worry as your Facebook login credentials have not been compromised. If you have a separate account, however, then you need to create a new password.
LivingSocial stresses that the passwords were “hashed” and “salted”, and that they never stored plain text passwords. In addition, they also said that no credit card information nor merchant banking information was accessed or affected by the attack – they are stored in a separate database.
According to its spokesman Andrew Weinstein, talking to Reuters, these affect customers in the US, Canada, the UK, Ireland, Australia, New Zealand, Southern Europe and Latin America. Customers in South Korea, Indonesia, Philippines and Thailand were not affected by the attack.