Deals website Groupon has been targeted by hackers and a users left out of pocket, according to reports.
According to the Telegraph, hacked users have mislaid thousands of pounds as a outcome of a enemy regulating their accounts to buy things like holidays and Playstation games consoles on their accounts.
“Someone hacked my Groupon comment and bought a $3,000 European vacation”, says one pooped on Groupon user. “My Groupon comment got hacked into during 4am this morning. Someone has bought themselves an iPhone 6 among other products”, combined another.
However, go behind to November, according to some reports, with some users angry that a association has been delayed to respond – or reacted during all.
Ok it’s been 5 days given someone hacked my @Groupon_UK comment and groupon STILL haven’t helped me notwithstanding large emails to them!
— Samantha King (@SamMKing27) December 20, 2016
It did conflict to a Telegraph, though, implying that it was users’ error for carrying diseased passwords.
“What we are saying is a really tiny series of business who have had their comment taken over by fraudsters. As with any vital online retailer, we take rascal intensely severely and have a dedicated group to examine patron issues as shortly as they are reported,” pronounced a orator for a company.
“If someone believes they’ve been a plant of a fake attack, we examine it and, if confirmed, retard a comment immediately and reinstate a customer’s income behind to them.”
However, a idea to use “strong” passwords is easier pronounced than finished when companies themselves display users user names and passwords.
“With the large information breaches announced final week by Yahoo – remember it was one billion accounts – it has never been some-more critical to use opposite passwords on each site and use two-factor authentication where possible,” pronounced Richard Meeus, clamp boss of technology, EMEA, during confidence association NSFOCUS.
“Using a same user name and cue on each site should not be function any more. We need to change user detachment towards passwords, and maybe also get website owners to be some-more active in ancillary their business by checking their user databases opposite a lists of breached accounts.”