Groupon’s Indian subsidiary – SoSasta accidently leaks subscriber data

Online search giant Groupon's Indian subsidiary -SoSasta - accidentally published the email addresses and passwords of its 3 lakh subscribers last weekend, but after taking corrective action said the issue had been settled.

The online discount portal SoSasta.com, alerted its subscribers about the security issue and asked them to immediately change their passwords.

SoSasta.com was acquired by Groupon in January this year. The company said none of the financial information like credit card, debit card, netbanking was compromised since this information is not stored on SoSasta, as per law.

The discount portal said, it was working aggressively to prevent this from happening again. It added SaSasta took security and privacy very seriously and it was important to the company to provide users with a safe shopping experience of the highest quality. It added it would do  everything possible to keep the users' trust.

The data leak was discovered by an Australian security consultant Daniel Grzelak while he was searching for publicly accessible databases containing e-mail address and password pairs.

Grzelak is the creater of shouldichangemypassword.com. The website allows any internet user to search a database of known-compromised e-mail address and password pairs to check whether their password has been compromised.