LivingSocial, which is an online company that provides an assortment of deals on all types of goods and services just announced that it had been hacked and data on 50 million of its customers was stolen. The good news is that the hackers did not get customers’ credit card numbers. The bad news is that they did get their names, email addresses, dates of birth and encrypted passwords. It is important to remember that even though the passwords were encrypted, due to the manner of the encryption of the passwords, it is still possible, albeit difficult, for the hackers to crack the encryption and gain access to the passwords. The danger to LivingSocial customers cannot be overestimated. Identity thieves and scam artists can use the email addresses and names to enable them to do a type of scam called “spear phishing” through which you will get a phony email from the scammer posing as a company or agency with which you have a relationship in which you are lured to click on a link or download a document that contains malware such as a keystroke logging malware program that can steal all of the information on your computer, such as passwords, credit card numbers, your Social Security number and other information that can be used to make you a victim of identity theft. People are more likely to fall for a spear phishing scam because the email uses your name and is directed to you personally. Having your email address also makes it easier for a scammer or identity thief to take control of your email account and send phony emails to friends of yours that may contain malware. Finally, since many people use the same password for multiple accounts, if your LivingSocial password is cracked, you are in danger on any account where you use that password.
This hacking once again illustrates that you are only as safe as the companies with which you do business with the weakest security. Never leave your credit card number to be stored by a company merely for convenience in making purchases in the future. If you are a LivingSocial user, change your password for LivingSocial as well as every other company with which you do business. In fact, it is a good idea to regularly change your passwords and make them different for each company. Check your email for indications that it has been hacked into and if it is, follow the instructions for remedying the situation found elsewhere on Scamicide and in my book “50 Ways to Protect Your Identity in a Digital Age.” Never click on links or downloads unless you are absolutely sure that they are legitimate and keep your security software up to date.