Groupon Deal of the Day: 300,000 Customer Accounts 90
itwbennett writes "The customer database of Groupon's Indian subsidiary was published, unsecured and unencrypted, on the company's site for long enough to indexed by Google. Australian security consultant Daniel Grzelak, Tweeted the news and also notified Groupon, which 'was amazing at providing a swift and full response,' Grzelak said on Twitter. 'They deserve credit for their reaction.'"
Credit Where Credit Is Due (Score:5, Insightful)
Re:Credit Where Credit Is Due (Score:5, Insightful)
Yay? (Score:4, Insightful)
One hopes that those same corporations have _also_ learned that better security is necessary, but even if they have we're not going to see the effects of _that_ lesson for awhile.
They deserve credit? (Score:4, Insightful)
'They deserve credit for their reaction.'
That's like saying if I quickly pull the knife out after stabbing someone, I deserve credit for my quick reaction.
Re:Credit Where Credit Is Due (Score:5, Insightful)
2) unless the site backend is open source, you don't even know whether passwords are hashed unless it gets hacked
I tell it I forgot my password. If it emails the password back to me, it's stored as good as plain text. Then I change it to line noise and never go back.
Re:Oh for the love of ! (Score:4, Insightful)
I feel like I am into bizzaro world as this phrase now evaluate to true....