In the latest hacking scandal to take place this year, numerous Groupon users have reported that their accounts have been hacked, and thousands of pounds have been stolen from their bank accounts.
According to MoneySavingExpert, reports began circling at the start of December from various Groupon customers to say money had been illegally taken from their accounts for various goods and services.
It is believed that Groupon login details for different customers have been accessed from other data breaches and used to hack into accounts.
Customers have reported their accounts have been used to pay for iPhones, iPad Minis, Starbucks vouchers, and in one instance, a European holiday amounting to £2,426.
A spokesperson for the deals and coupon website told MailOnline that Groupon itself wasn’t hacked, though the individual accounts of some users appeared to have been compromised.
“I can confirm there has been no security breach to our website or mobile app. What we are seeing, however, is a very small number of customers who have had their account taken over by fraudsters.”
Some of the biggest hacks of all time have occurred in 2016, from more than one billion accounts compromised at Yahoo, to 400 million customer details stolen from the website Adultfriendfinder.com. If a customer’s account is compromised in one hack, and they use the same details for another website, then hackers can easily access these details.
Read more: Want to know if you've been hacked? Troy Hunt has the details
Richard Meeus, vice president of technology EMEA at NSFOCUS told WIRED: “With the massive data breaches announced last week by Yahoo – remember it was one billion accounts – it has never been more important to use different passwords on ever site and use two factor authentication where possible.”
If you are concerned your account details have been accessed in a hack, renowned security expert Troy Hunt runs Have I Been Pwned, a website which tracks every significant breach and lets you check if your email has been hacked. Users can sign up to be notified if they are ever pwned.
As well as this, Hunt and Paul Fletcher, cybersecurity evangelist at Alert Logic, insist on users employing good password hygiene online. For instance, don’t use the same password on multiple sites, use different security questions on different security systems and ensure that the passwords you do use are strong: include a random assortment of lower and upper case letters, numbers and non-numeric punctuation.
This article was originally published by WIRED UK
