LivingSocial, the second biggest daily deal company in the US, after Groupon, announced that it has been hacked and that attackers got away with data on 50 million customers. The data includes names, email addresses, and encrypted passwords.
The passwords are also salted so they should be hard to break, close to impossible on everyday hardware. But that's still a huge amount of data that hackers grabbed.
LivingSocial says that the database containing customer credit card data, as well as the database containing merchant info, haven't been affected in the attack.
Still, that's a huge amount of data that got out. The email addresses alone are a gold mine to any spammer, shady marketer, and anyone in between.
"The security of our customer and merchant information is our priority. We always strive to ensure the security of our customer information, and we are redoubling efforts to prevent any issues in the future," LivingSocial wrote.
Which is nice of them, but maybe if security was such a top concern they wouldn't have been hacked in the first place.
The company is notifying affected users via email, but will suspending phone support during this time. Needless to say, if you have a LivingSocial account, you should be changing your password as soon as possible.
LivingSocial has already expired the passwords of those affected, so they'll have to provide new ones the next time they want to log in.
The site also encouraged those affected to change their passwords on other sites where they may have reused them.
"We need to do the right thing for our customers who place their trust in us, and that is why we're taking the steps described and going above and beyond what’s required. We'll all need to work incredibly hard over the coming days and weeks to validate that faith and trust," CEO Tim O'Shaughnessy wrote in an internal email to employees.