LivingSocial, the Washington D.C.-based daily deals company, has been suffered from a hack that could have affected the data of more than 50 million customers, AllThingsD first reported Friday based on an email obtained from CEO Tim O’Shaughnessy to employees. The email said that LivingSocial had experienced “cyber-attack on our computer systems that resulted in unauthorized access to some customer data.”
A LivingSocial representative confirmed the hack with us, and said that the company would be contacting the more than 50 million users who might have been affected, sending them emails explaining what happened and encouraging them to reset their passwords. The hack affected all of the company’s users except those in South Korea, Thailand, Indonesia, and the Philippines, since data for those users is stored on different servers.
The hack comes as large consumer web companies are increasingly facing scrutiny regarding their security measures. In February Twitter reported that hackers may have accessed data on 250,000 user accounts, and LinkedIn was sued over a hacking incident last summer that exposed more than six million consumer passwords.
In a statement, O’Shaughnessy explains how the company was hacked and how that will affect customers:
“We recently experienced a cyber-attack on our computer systems that resulted in unauthorized access to some customer data from our servers. We are actively working with law enforcement to investigate this issue.
The information accessed includes names, email addresses, date of birth for some users, and encrypted passwords — technically ‘hashed’ and ‘salted’ passwords. We never store passwords in plain text.”
Currently, visitors to LivingSocial’s website will notice a large red bar telling them to reset their passwords: