50 Million Accounts of LivingSocial Compromised
Have an account in LivingSocial? If yes, then you should know a few important things related to your personal data security. Known as the daily deals website owned in part by Amazon, LivingSocial has been hacked during a cyber attack. E-mail addresses, names, birthdates and passwords of 50 million users have been exposed. Fortunately, no credit card information was accessed, as the company states.
LivingSocial assured their users that the company never stores passwords in plain text format. Moreover, they use SHA1 hashing along with 40 byte salt. This means that all passwords are changed into a unique data string by using an algorithm. To put it simply, the ‘hash’ is made. For advanced protection, the ‘salt’ extends the password and adds the needed complexity.
Asking users to change their passwords was the first urgent step that LivingSocial took. It was also recommended to change passwords on other websites if the same or similar passwords were used there.
AllThingsD.com states that the only unaffected LivingSocial users are those in Korea, Indonesia, Thailand and the Philippines, as those users’ data is stored on separate systems.
An interesting fact to know – the cyber attack arrived one month later after CTO Aaron Battalion resigned from his position in LivingSocial.