Expired

Groupon has been hacked

52
Found 25th Feb 2013
Several e-mail addresses which I exclusively used for Groupon, have all now received spam messages. They were sent today between 18.03-18.33 and I've attached a copy of the e-mails in 1st post. If you are a registered Groupon user, then I strongly urge you to check your inboxes, including your spam folder, and check to see if you have received the same e-mails.

I am still awaiting an official response from Groupon on this and will post it when I have one.
Community Updates
52 Comments
For more information on disposible e-mail addresses and how I use them, see this thread: hotukdeals.com/mis…753

Below is a copy of a spam message I have received today between 18.03-18.33, all have a subject similar to below:

Online Pharmacy : SAVE up 90% off retail price!
Online Pharmacy : Buy Cheap Discount Pack #1
Online Pharmacy : VIAGRA + **** !!!

On 25 February 2013 06:01, Online Pharmacy supfl-at-yahoo.com |Groupon| wrote:
>
> Payment method: VISA,MasterCard,American Express,ACH (USA Echeck),Bitcoin
> Best quality drugs
> Fast Shipping USA
> Professional packaging
> 100% guarantee on delivery
> Best prices in the market
> Discounts for returning customers
> FDA approved productas
> 35000+ satisfied -customers
>
> =============================================================
> If you can't click on link, please click "no spam" or copy and paste it to
> address bar
> =============================================================
>
> http://*****.genericscheapv**gra.ru
>


link amended in case it's malicious
Edited by: "flyingflea" 25th Feb 2013
flyingflea

For more information on how I know that Groupon has spammed me, see this … For more information on how I know that Groupon has spammed me, see this thread: http://www.hotukdeals.com/misc/updated-22-2-2013-list-of-companies-593753Below is a copy of a spam message I have received today between 18.03-18.33:On 25 February 2013 06:01, Online Pharmacy supfl-at-yahoo.com |Groupon| wrote:>> Payment method: VISA,MasterCard,American Express,ACH (USA Echeck),Bitcoin> Best quality drugs> Fast Shipping USA> Professional packaging> 100% guarantee on delivery> Best prices in the market> Discounts for returning customers> FDA approved productas> 35000+ satisfied -customers>> =============================================================> If you can't click on link, please click "no spam" or copy and paste it to> address bar> =============================================================>> http://jldcc.genericscheapviagra.ru>



Thanks for the link, needed to stock up again great prices too.
They probably just sold your details, I have a mobile number that I only give out to companies like the NHS or my bank, one of them has sold my number because I had no spam for years, as soon as I disclosed it to what I thought where a few reputable companies (after reading their data policies) I now get PPI and injury spam regularly, which is nice.

They probably just sold your details



this rather that hacked
That

They probably just sold your details

smashed

That





t'other

...I strongly urge you to check your inboxes, including your spam folder, … ...I strongly urge you to check your inboxes, including your spam folder, and check to see if you have received the same e-mails.



http://cdn.memegenerator.net/instances/400x/35386536.jpg
harlzter

Thanks for the link, needed to stock up again great prices too.




Lol tape a lollypop stick to it,,and bingo,up for hours! cheaper then a blue pill.
timtom13

Lol tape a lollypop stick to it,,and bingo,up for hours! cheaper … Lol tape a lollypop stick to it,,and bingo,up for hours! cheaper then a blue pill.



Sounds like the voice of experience
timtom13

Lol tape a lollypop stick to it,,and bingo,up for hours! cheaper … Lol tape a lollypop stick to it,,and bingo,up for hours! cheaper then a blue pill.



I imagine it is pretty soul destroying when the lollypop stick overshadows your member.
timtom13

Lol tape a lollypop stick to it,,and bingo,up for hours! cheaper … Lol tape a lollypop stick to it,,and bingo,up for hours! cheaper then a blue pill.



Brings a whole new meaning to 'got wood' oO


harlzter

Sounds like the voice of experience



That's sounds like someone who's tried it and knows it doesn't work (_;)
mceverready

I can tell you it is pretty soul destroying when the lollypop stick … I can tell you it is pretty soul destroying when the lollypop stick overshadows your member.



That must be why you drive an Audi!
markq

That must be why you drive an Audi!



Strong stalking skills brah.
mceverready

Strong stalking skills brah.



Its called a memory!

You managed to "slip in" the fact that you had an Audi in the thread you created where I actually stuck up for you! oO

You signed up for email notifications? X)
markq

Its called a memory!You managed to "slip in" the fact that you had an … Its called a memory!You managed to "slip in" the fact that you had an Audi in the thread you created where I actually stuck up for you! oOYou signed up for email notifications? X)



Wasn't exactly slipped in.

Was integral to the thread.

Just to add confirmation, the unique e-mail address that I purely use for GroupOn, received the same e-mail from "Online Pharmacy" on 25th Feb, as well as a slightly different variant on 27th. Since then, I've also received a couple of e-mails from "Online Casino", and 6 e-mails in the last two days from "Ruby Palace".

Looks very much like they've sold (despite my mailing preferences indicating otherwise) or "lost" their mailing list recently..

flyingflea

Below is a copy of a spam message I have received today between … Below is a copy of a spam message I have received today between 18.03-18.33, all have a subject similar to below:Online Pharmacy : SAVE up 90% off retail price!Online Pharmacy : Buy Cheap Discount Pack #1Online Pharmacy : VIAGRA + **** !!!

taffyt

Just to add confirmation, the unique e-mail address that I purely use for … Just to add confirmation, the unique e-mail address that I purely use for GroupOn, received the same e-mail from "Online Pharmacy" on 25th Feb, as well as a slightly different variant on 27th. Since then, I've also received a couple of e-mails from "Online Casino", and 6 e-mails in the last two days from "Ruby Palace".Looks very much like they've sold (despite my mailing preferences indicating otherwise) or "lost" their mailing list recently..



Yup there have been more, I've had to "switch off" all my Groupon e-mail addresses and use new ones as it's getting too much. Here are copies of the other spam e-mails:

They have a subject similar to below:

Triple your first deposit and enjoy supreme gaming at Ruby Palace
Ruby Palace is the only place to play online

On 26 February 2013 15:36, Online Casino no-reply-at-static-89-42-101-138 |Groupon| wrote:

You can qualify for a 200% Welcome Bonus at Ruby Palace when you sign up today.

You will also be able to enjoy over 450 top-flight casino games.

Once you are a player with us, you will also receive lucrative weekly and monthly promotions.

Our promotions are just the tip of the iceberg, whenever you need to get in touch; you can call or email us, 24/7, 365 days a year.

Visit our website to find out more

ymainrubypalace.com/





==================
Click here to opt out of this email:
unsubscribe.ymainrubypalace.com

I too have started this last week getting spam emails to an email address which I have only ever used on Groupon. On top of this, I have never bought a deal, so it cannot be that the address has been shared with a third-party. Time for Groupon to own-up to this breach/sale of email addresses, whichever it is!
so whose gonna be the first to start questioning them about their data breach?
casparwhite

so whose gonna be the first to start questioning them about their data … so whose gonna be the first to start questioning them about their data breach?



I don't use them and even if I did, they haven't released my personal details that were visible online.

Feel free to brown nose on their behalf if you like though. X)
casparwhite

so whose gonna be the first to start questioning them about their data … so whose gonna be the first to start questioning them about their data breach?


I've submitted a complaint to the ICO as Groupon's current responses have annoyed me. If they put their hands up and admitted what's happened, apologised to their customers and said what they were going to do stop prevent it from happening again, I would have left it there.
Edited by: "flyingflea" 4th Mar 2013
Posted on Facebook!, Groupon are looking into it now.
just to point out that sometimes while you may only use an email account for 1 website and have a clever system like
websitename@yourdomain.com you can still get spam as spammers just chuck any old word at the front and sometimes they will get lucky
SOSAGES

just to point out that sometimes while you may only use an email account … just to point out that sometimes while you may only use an email account for 1 website and have a clever system likewebsitename@yourdomain.com you can still get spam as spammers just chuck any old word at the front and sometimes they will get lucky



I think he/she uses a clever system using unusual character, so the chance of a system randomly trying one of the addresses would be tiny I think.
SOSAGES

just to point out that sometimes while you may only use an email account … just to point out that sometimes while you may only use an email account for 1 website and have a clever system likewebsitename@yourdomain.com you can still get spam as spammers just chuck any old word at the front and sometimes they will get lucky


A typical e-mail address created using sneakemail would look like this: pj2Y4u9w2py@snkmail.com so the chances of spammers guessing that would be highly unlikely. I also have 12 similar unique e-mail addresses created for Groupon and every one has received the same spam e-mails.
Edited by: "flyingflea" 11th Mar 2013
flyingflea

A typical e-mail address created using sneakemail would look like this: … A typical e-mail address created using sneakemail would look like this: pj2Y4u9w2py@snkmail.com so the chances of spammers guessing that would be a million in one. I also have 12 similar unique e-mail addresses created for Groupon and every one has received the same spam e-mails.



Why do you have 12 emails just for Groupon?
sancho1983

Why do you have 12 emails just for Groupon?


For friends and family who don't want to give Groupon their e-mail address.
that doesnt explain why you have a dozen email addresses, surely if youre ordering on their behalf you would just use the same 1

why create a dozen email addresses, what purpose does this serve out of interest?
casparwhite

that doesnt explain why you have a dozen email addresses, surely if youre … that doesnt explain why you have a dozen email addresses, surely if youre ordering on their behalf you would just use the same 1why create a dozen email addresses, what purpose does this serve out of interest?



I have done something similar with addresses I use for various online companies. Notably eBay and Paypal and a few retailers with the express logic that if I ever receive something with the address I registered to those companies with, I would know exactly who has leaked the data.

Let's face it, data breaches should be taken seriously. I know I do.
guv

I have done something similar with addresses I use for various online … I have done something similar with addresses I use for various online companies. Notably eBay and Paypal and a few retailers with the express logic that if I ever receive something with the address I registered to those companies with, I would know exactly who has leaked the data.Let's face it, data breaches should be taken seriously. I know I do.


so you also use a different email address for a dozen friends and familys online orders.... i dont quite get the point?

you sound paranoid tbh
casparwhite

so you also use a different email address for a dozen friends and familys … so you also use a different email address for a dozen friends and familys online orders.... i dont quite get the point?you sound paranoid tbh



I didn't say that at all Casper.
guv

I didn't say that at all Casper.


you said you had done something similar.

you still sound paranoid though
casparwhite

you said you had done something similar.you still sound paranoid though



I said similar and explained the similarities and reasons for doing so. It also serves to assist with folder storage for specific email addresses to be collected in.

It's not a sign of being paranoid Casper, but never mind if youve not got the intelligence to understand the logic in doing so.

casparwhite

that doesnt explain why you have a dozen email addresses, surely if youre … that doesnt explain why you have a dozen email addresses, surely if youre ordering on their behalf you would just use the same 1why create a dozen email addresses, what purpose does this serve out of interest?


a) paranoid
b) too much time on hands
guv

I said similar and explained the similarities and reasons for doing so. … I said similar and explained the similarities and reasons for doing so. It also serves to assist with folder storage for specific email addresses to be collected in.It's not a sign of being paranoid Casper, but never mind if youve not got the intelligence to understand the logic in doing so.


is a data breach different to marketing or spam mail?

casparwhite

is a data breach different to marketing or spam mail?



In what context? Remember Casper, it's all about context.
guv

In what context? Remember Casper, it's all about context.


now youre acting crazy

any context you like.....just answer
casparwhite

now youre acting crazyany context you like.....just answer



Yes.
guv

Yes.


i can see the relevence to spam like ff has already said but i dont get the connection to a data breach?
Post a comment
Avatar
@
    Text

    Top Discussions

    Top Merchants