Skip to main content
  1. Home
  2. Computing
  3. News

Groupon’s entire Indian user database published online

By

andrew_mason_groupon-sosasta
Image used with permission by copyright holder

In what appears to have been a massive mistake, the entire user database of Groupon‘s Indian subsidiary Sosasta.com has been published online and indexed by Google, reports Risky.biz. Included in the searchable database are all the email addresses and passwords of Sosasta’s 300,000 users. Whoops…

Recommended Videos

Australian security consultant Daniel Grzelak first discovered the substantial cache of login credentials as part of his research for his newly launched personal online service ShouldIChangeMyPassword.com. The discovery was made by simply searching in Google for standard SQL database files that contained words like “gmail” and “password.”

Related

“A few hours and tweaks later, this database came up,” Grezlak tells Risky.biz. “I started scrolling, and scrolling and I couldn’t get to the bottom of the file. Then I realised how big it actually was.”

After discovering the breach Grezlak called Risky.biz to report his findings. The website then called Groupon CEO Andrew Mason, who called them back personally soon after they reported the data leak. Groupon has since had the database removed from Google — an astounding accomplishment, as anyone who’s ever tried to get Google to do them a favor knows too well — and the daily deals company has reportedly launched an internal investigation to discover how such a thing could have happened.

Groupon has alerted its Sosasta users of the escapade and urged them to change their passwords.

According to Groupon’s official statement on the matter, “Sosasta runs on its own platform and servers, and is not connected to Groupon sites in other countries,” so Groupon users in the US or anywhere outside of India probably have nothing to worry about.

Perhaps even more interesting is Grezlak’s password project, which allows users to check their email address to see if it’s included in any of the user log databases that have been published by hackers over the past year.

“There are now…1.3 million records on the site,” says Grezlak. “All the LulzSec releases are included as well as data from other high profile incidents such as the Mt. Gox Bitcoin exchange hack and the Gawker breach from a year ago.”

So if you’re wondering whether you’re possibly at risk, check your address right here.

(Pictured: Groupon CEO Andrew Mason; Image via)

Andrew Couts
Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
Topics
The Tesla bot isn’t superhuman yet, but it can make dinner
Tesla's Optimus robot stirring an oven pot.

A week ago we saw Tesla’s Optimus robot showing off some nifty dance moves. This week, you can watch it performing a bunch of mundane tasks, though admittedly with a great deal of skill -- for a humanoid robot.

Instructed via natural language prompts, the so-called “Tesla bot” is shown in a new video dumping trash in a bin, cleaning food off a table with a dustpan and brush, tearing off a sheet of paper towel, stirring a pot of food, and vacuuming the floor, among other tasks. 

Read more
Best of Computex 2025 awards: The tech that impressed us the most
Best of Computex 2025

Although Computex 2025 is still far from over, the biggest announcements have already been dropped, and this year's event turned out to be quite exciting. From graphics cards to laptops and monitors, there's plenty of options for a tech enthusiast to dig into, and some -- if not most -- of these new innovations are already available, or will be soon.

Out of all the thrilling new tech that companies such as AMD, Asus, Acer, and MSI announced, what impressed us the most? Below, you'll find the new releases that scored our Best of Computex 2025 award.

Read more
Google IO 2025 summary: 5 big announcements you’ll want to know
Google IO 2025 logo on the surface of the earth

Google IO 2025 delivered us a huge helping of AI during the almost two-hour opening keynote.

Google's CEO, Sundar Pichai, and colleagues got through an awful lot on stage, and while some of the talk was aimed primarily at developers, there were plenty of big announcements for us - the people on the street - to explore.

Read more