LivingSocial’s the latest hacking target, and the results were definitely in the favor of the hackers this time around as over 50 million accounts were affected.
Not only did the hacker(s) make off with personal information like names and emails, but encrypted passwords and birthdates were also successfully stolen.
LivingSocial, owned partially by Amazon, has around 70 million customers worldwide. There are divisions of the company all around the world, including in South Korea, Indonesia, and Thailand. However, all of the other divisions remain unaffected because the accounts were on different servers.
Although there are a billion or so people on the internet, this attack and successful data farming could potentially have made off with details for .5% of the users on the Internet. Of course, this could mean compromised credit cards, but also compromised passwords, which would result in huge problems because of the reuse of passwords across the Internet. “You should be changing your passwords immediately,” said Robert Hansen, director of Product Management at WhiteHat Security.
Tim O’Shaughnessy, director and LivingSocial CEO, recently sent an email out to users: “We recently experienced a cyberattack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue.” He followed this statement up with the same advice that Hansen offered – change your passwords in as many locations as you can if you used the same password on LivingSocial that you did on other websites.
However, it appears most financial data, such as credit card information and numbers, managed to avoid the stolen data checklist. LivingSocial stores data for credit cards in a separate location, one that the hacker did not find.
LivingSocial is not alone in having their data stolen. In the past few months alone, Evernote, Zappos, LinkedIn, and individual accounts on Twitter have all suffered from hacking attempts. Financial institutions have also suffered DDoS attacks over the last few months.
If you’re using the same password for your bank accounts that you are using for Facebook and other social websites, now is a good time to start changing them. A different password for your email account, social media websites, and bank accounts is recommended.