Reused passwords cause trouble for Groupon

Next story


Towards the end of 2016 Groupon users reported significant amounts of unauthorised purchases on their accounts.

Groupon is an e-commerce marketplace where companies sell goods, travel and vouchers at a discounted rate. As a member you create an account where you can buy items with ease as your banking details are stored, and the products are sourced in relation to your location.

Groupon users have been reporting breaches to their accounts, where hackers have been using their accounts to buy goods, or compromise their data and financial details.

Customers have reported multiple unauthorised purchases on their accounts, with some users claiming they have been left up to £1,000 out of pocket.

Although, Groupon itself was not directly hacked, it has been confirmed that user details were acquired from other breaches.

Mark James, ESET IT Security Specialist, advises on the steps to take to ensure safety online.

“Sadly this is often a result of reusing passwords on other sites.

“When large data breaches happen the hackers, or those who’ve acquired the data, will try those details on sites that store or hold your Credit Card details.

“If successful they may be able to purchase goods using authentication methods already stolen, or even in some cases with no authentication at all.

“If the only authentication is the CVC code of your Credit Card, then it’s only a 1 in 1000 chance to get it right.

“With so much of our data being stolen these days, it is imperative you keep an eye on your emails and financial statements for any suspect transactions.

“Be vigilant and try, where possible, to contact both your bank and the retailer as soon as possible with any discrepancies.

“Keep all correspondence and review your passwords for any sites that can potentially store your credit card information.

“Remember a password manager to help you use unique complex passwords and Two Factor Authentication, if available, will stop others from using your login details.”

Have you ever lost money due to a reused password? Let us know on Twitter @ESETUK

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you’re interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.