LivingSocial Hacked, Time To Change Your Passwords

The daily deals site LivingSocial has been hacked, revealing more than 50 million people's usernames, names, birth dates, passwords, and email addresses. Here's what you need to know.

LivingSocial's breach was found out by tech site All Things D when they acquired an internal memo from LivingSocial. The good news is that while the hackers managed to get a lot of customer data, they didn't get any credit card numbers. Customers should be getting an email soon, but either way it's time to update and change your passwords.

As always, if you used your LivingSocial password on any other site, you should change all your passwords now that it's been compromised. Check out our guide to auditing and updating your passwords with LastPass for our recommendations on how to proceed.

LivingSocial Hacked -- More Than 50 Million Customer Names, Emails, Birthdates and Encrypted Passwords Accessed (Internal Memo) [All Things D]


Comments

    Things like this remind me of why 1Password, LastPass and Wallet have become so useful.

      Last pass is great - but it isn't a guarantee that its users have completely unique passwords across sites (some people just use it to store passwords) - it doesn't help inform you that you need to change your password now because of an exposure - and it doesn't help for squat against identity theft for the rest of the personal data that just got exposed.

        Actually, correct me if im wrong, but I think Lastpass has a notification about password hacks. Their own, and other websites.

    Does this include the AUssie site or is this yet another mirror across from the US?

      I have never heard of this site before reading this article but when I clicked the link it took me to what appears to me to be "the site"... ie: there is no "Aussie" version of the site. The service is the service is the service. Obviously the information served up will be (hopefully) geographically specific, but the infrastructure running it would appear to be the same no matter where you are located.

      For me it's offering me deals in the Sydney area http://d.pr/i/7VnQ based upon geolocation via my ISP (I'm physically in Melb)

      In other words... change your password. Presumably the service will be forcing a password change on all users anyway.

      And if you're not using LastPass or 1Password to generate, store and manage your passwords... get cracking :-)

    Why is it good news that they got heaps of customer data but not credit cards? All credit cards have fraud protection which covers these types if incidents. Losing your name, DOB and contact details to a hacker is terrible as you have no insurance against that, and it is one giant leap towards identity theft.

    Hmmm.. I log in using facebook... wonder how this affects me??

    Update: This is the response:

    LivingSocial recently experienced a cyber-attack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue.

    The database that stores customer credit card information was not affected or accessed.

    Although your LivingSocial password would be difficult to decode, we want to take every precaution to ensure that your account is secure, so we are expiring your old password and requesting that you create a new one.

    I hope this means that when I asked them to cancel my account 2 years ago, they actually did. And didn't retain any of my personal information.....I am not holding my breath.

Join the discussion!