Groupon’s Indian subsidiary Sosasta.com has accidentally published subscriber database, which includes the e-mail addresses and clear-text passwords of the site’s 300,000 users. It was discovered by Australian security consultant Daniel Grzelak as he searched for publicly accessible databases containing e-mail address and password pairs.
Daniel Grzelak, founder of the Internet security website shouldichangemypassword.com, found the security breach of sosasta.com while running a Google search for publicly available databases.
"A few hours and tweaks later, this database came up," he said "I started scrolling, and scrolling, and I couldn’t get to the bottom of the file. Then I realised how big it actually was."
In January 2011, an online discount portal Sosasta.com acquired by Groupon, Groupon is notifying all its Sosasta users of the incident and is advising them that the passwords they used on the website are now compromised and cannot be relied upon to secure other accounts.
本文轉載brothersoft,編輯僅做翻譯。詳細請查看原網站文章。