The 8 largest information security breaches: Living Social, 2013

In Information Security ByTeam Acumin / 30th August 2015

So many of us now use the internet to shop. One of the biggest attractions for doing so is the sheer number of deals available across a range of platforms, which is why so many of us were disturbed when we heard that Living Social – one of the internet’s biggest online daily-deal sites had been hacked.

What happened?

In April 2013, the daily-deals company Living Social, which is owned in part by Amazon, revealed that it had fallen victim to cyber hackers, who had accessed the names, addresses, passwords, and birthdays of many of its customers.

How many records were accessed?

According to Living Social, the records of over 50 million of its customers were accessed by cybercriminals, who hacked into the system. Luckily, 20 million customers had their details stored on other servers located in Asia, so did not fall victim to the information security breach.

How it happened

It is not currently known what hackers did to gain access to the Living Social databases. However, what we do know is that hackers were able to gain unauthorised access to servers hosting the details of millions of Living Social users. Luckily, password details were encrypted, which would have made it much more difficult to access and use maliciously. Furthermore, none of the databases which were accessed stored any credit card information, thus limiting the damage that the hackers could do with the information they accessed.

What’s happened since?

Many internet security experts have criticized Living Social for giving out too much information about their password encryption methods.

Since the breach, the company has switched to using a bcrypt hashing method, which will make any data stored by the company much more difficult to decrypt than the hashed and salted passwords that were hacked in this attack.