Groupon deal of the day: 300,000 customer accounts



  •  http://www.itworld.com/security/178625/groupon-deal-day-300000-customer-accountsfree @itworld.com said:

    The customer database of Groupon subsidiary SoSasta was published unsecured and unencrypted on the company's site for long enough to be indexed by Google, according to Australian security consultant Daniel Grzelak, who Tweeted the news late Tuesday and tipped off an Australian security news site.
    TRWTF of course is that this sort of thing has become so common that it isn't even news anymore.

     

     



  • The acquisition of SoSasta by Groupon shows that the daily deal business in India is a very profitable one. But, what really suprises me is the release of customer database in the company page that too in the unsecured and unencrypted manner. What is the real need to release these database open to the internet audience? The answer is simple. This might be a hook to advertise or show the powerful customer profile to people, so that Groupon can get more trust and popularity.



  • @Alex thomas said:

    The answer is simple. This might be a hook to advertise or show the powerful customer profile to people, so that Groupon can get more trust and popularity.

    I don't know how Indians feel about privacy, but in the US that would be pretty counter-productive. Sure, you're showing off the size of your customer database, but at the same time you're also demonstrating you can't keep it secure... why should I, as a potential user of your service, believe that you'd keep my information any more secure than theirs?



  • @blakeyrat said:

    @Alex thomas said:
    The answer is simple. This might be a hook to advertise or show the powerful customer profile to people, so that Groupon can get more trust and popularity.

    I don't know how Indians feel about privacy, but in the US that would be pretty counter-productive. Sure, you're showing off the size of your customer database, but at the same time you're also demonstrating you can't keep it secure... why should I, as a potential user of your service, believe that you'd keep my information any more secure than theirs?

    There are no existing laws in place. Most peepul over here are fond of free gifting and so privacy is counter pruductive to that kind of thinking proces.



  • Yet more proof that India will eventually rule the world. If the terrorists don't win first, that is...



  •  Hi blake,

    Indians also give more importance to privacy. But, this work of unsecured release of customer profile is actually a reason for self branding or advertisement. Actually, Groupon is the original. This 'SoSasta' is the clone product of the giant daily deal site for Indian audiences. If you want to get more information, check - Groupon clone script

    The name 'SoSasta' contains sanskrit language in which 'Sasta' means 'Cheap'. So it gives cheap discounts and offers. To get the trust and good name from Indian audience is the key here. It is one of the business or marketing methodology.


  • Discourse touched me in a no-no place

    @Alex thomas said:

     Hi blake,

    Indians also give more importance to privacy. But, this work of unsecured release of customer profile is actually a reason for self branding or advertisement. Actually, Groupon is the original. This 'SoSasta' is the clone product of the giant daily deal site for Indian audiences. If you want to get more information, check - Groupon clone script

    The name 'SoSasta' contains sanskrit language in which 'Sasta' means 'Cheap'. So it gives cheap discounts and offers. To get the trust and good name from Indian audience is the key here. It is one of the business or marketing methodology.

    Fucking shit this is the single most pig-headedly nationalistic, paranoid, self-contradictory and just plain idiotic thing I've ever seen anyone accuse a legitimate business of. [i]This[/i] is the way the Nagesh sockpuppet should be run.



  • @Alex thomas said:

     Hi blake,

    Indians also give more importance to privacy. But, this work of unsecured release of customer profile is actually a reason for self branding or advertisement. Actually, Groupon is the original. This 'SoSasta' is the clone product of the giant daily deal site for Indian audiences. If you want to get more information, check - Groupon clone script

    The name 'SoSasta' contains sanskrit language in which 'Sasta' means 'Cheap'. So it gives cheap discounts and offers. To get the trust and good name from Indian audience is the key here. It is one of the business or marketing methodology.

    Hi Alex Thomas,

    Your an idiot!

    Plz stop meking post henceforth. Go play in coment section of the board.

    Nagesh!



  • I don't know what's going on in this thread anymore.



  • Is it just me, or does this bit of the referenced article seem a bit weird?

    Grzelak was looking for private-account data exposed by hackers or just bad security, to expand the data fueling a site he built called ShouldIChangeMyPassword, which contains data from 17 major recent corporate-data breaches. It checks email addresses and login names against lists of compromised accounts to tell users whether they were part of any major data breaches, whether publicly acknowledged or not.
    I really hope that email addresses and login names are all the data he has...


  • @Scarlet Manuka said:

    ShouldIChangeMyPassword
     

    Site could just return Yes on all requests and be done with it.



  • @dhromed said:

    @Scarlet Manuka said:

    ShouldIChangeMyPassword
     

    Site could just return Yes on all requests and be done with it.

    +1, and that would be so dogbertian!

     



  • @dhromed said:

    @Scarlet Manuka said:
    ShouldIChangeMyPassword
    Site could just return Yes on all requests and be done with it.
    In which case it would be particularly disturbing that he uses data collected from a whole bunch of corporate breaches to run it...


Log in to reply
 

Looks like your connection to What the Daily WTF? was lost, please wait while we try to reconnect.