The Washington Post

LivingSocial deals with hacking fallout

View of the reception desk at Living Social in Washington on June 26, 2012. (NICHOLAS KAMM/AFP/GETTY IMAGES)

LivingSocial is undertaking a massive cleanup since it said Friday that its consumer records had been compromised.

The attack on the company’s systems revealed the names, e-mail addresses, encrypted passwords and birth dates of more than 50 million of its users worldwide.

The company has notified users affected by the attack and is asking them to change their passwords by heading to the site and signing in. Once affected users have signed in, they’re prompted to change their passwords. Users can then click that link and are sent an e-mail with a link that will let them reset their passwords.

The company is also putting a banner at the top of all of its pages to inform users they should change their passwords.

Some LivingSocial users have reported that they aren’t receiving their password reset e-mails because the messages are getting caught in spam filters. The e-mails should come within minutes of users clicking on the link; be very suspicious of any other e-mails claiming to be from LivingSocial that aren’t triggered by this action.

LivingSocial spokesman Andrew Weinstein said that the company hasn’t heard about an unusual spike of mail getting snagged before making it to users inboxes but that the firm is working to alert every user about the breach.

So far, he said, the process, while unfortunate, has “gone fairly smoothly” and that there haven’t been any major problems as users rush to change their passwords.

Users should also change passwords and credentials for any accounts that share their old Living Social username and password. But they should also be on the lookout for an increase in spam e-mails related to the hack. As always, immediately delete any e-mail that asks you to “verify” your username or password by entering it, and carefully check that the Web sites embedded in e-mail links take you to the right place before you enter any information.

And, as always, be very careful about opening any e-mail that sets off warning bells in your head. When in doubt, hit the delete key.

(LivingSocial chief executive Tim O’Shaughnessy is the son-in-law of Donald E. Graham, Washington Post Co. chairman and chief executive.)

Related stories:

LivingSocial is hacked, affecting 50 million worldwide

Hackers compromise AP Twitter account, send out false tweet about White House attack

How to protect your Twitter feed: the same way you do for any online account

Sign up today to receive #thecircuit, a daily roundup of the latest tech policy news from Washington and how it is shaping business, entertainment and science.

Hayley Tsukayama covers consumer technology for The Washington Post.



Success! Check your inbox for details. You might also like:

Please enter a valid email address

See all newsletters

Show Comments
Most Read



Success! Check your inbox for details.

See all newsletters

Your Three. Videos curated for you.
Play Videos
This isn't your daddy's gun club
A look inside the world of Candomblé
It's in the details: Five ways to enhance your kitchen makeover
Play Videos
A fighter pilot helmet with 360 degrees of sky
The rise and fall of baseball cards
Is fencing the answer to brain health?
Play Videos
John Lewis, 'Marv the Barb' and the politics of barber shops
How to prevent 'e-barrassment'
The art of tortilla-making
Play Videos
Circus nuns: These sisters are no act
How hackers can control your car from miles away
How the new credit card chip makes purchases more secure

To keep reading, please enter your email address.

You’ll also receive from The Washington Post:
  • A free 6-week digital subscription
  • Our daily newsletter in your inbox

Please enter a valid email address

I have read and agree to the Terms of Service and Privacy Policy.

Please indicate agreement.

Thank you.

Check your inbox. We’ve sent an email explaining how to set up an account and activate your free digital subscription.