Groupon Exposes Customer Emails In Google Results…Again
A while back we wrote about a flaw in Groupon's email link encryption, which revealed the emails of some Groupon users when "addx" was added into a Google search of Groupon's site. We've been alerted that is still happening, with about 170 emails coming up when we searched (last time around it was less than 80). The last time around, Groupon director of engineering Shinji Kuwayama told us that the emails were made public because some subscribers had "pasted their deals into publicly-crawlable pages around the Web," but also that it was working on a solution to exclude those results. So why these are appearing now is unclear. We're contacting Groupon to see if there is an explanation.
Screen shot 2012-06-29 at 06.47.30

A while back we wrote about a flaw in Groupon’s email link encryption, which revealed the emails of some Groupon users when “addx” was added into a Google search of Groupon’s site. We’ve been alerted that is still happening, with about 170 emails coming up when we searched (last time around it was less than 80).

The last time around, Groupon director of engineering Shinji Kuwayama told us that the emails were made public because some subscribers had “pasted their deals into publicly-crawlable pages around the Web,” but also that it was working on a solution to exclude those results. So why these are appearing now is unclear. We’re contacting Groupon to see if there is an explanation.

To put this in one kind of perspective, the number of emails here is a very small percentage of Groupon’s overall active customer base, reported as 36.9 million users its last quarterly results in May. The company’s email subscriber list will number in the hundreds of millions.

On the other hand, not everyone wants their browsing or purchasing histories, linked to their email addresses, made public. Even with that small number, it’s bad privacy PR for Groupon, which has ambitions to go beyond the daily deal to become a wider e-commerce platform.

From what I’ve seen so far, the search results (found by entering allinurl: addxused Twitter to alert Groupon’s Andrew Mason about the issue. The email leak has also been noted on a GetSatisfaction page for Groupon.



Stock Market XML and JSON Data API provided by FinancialContent Services, Inc.
Nasdaq quotes delayed at least 15 minutes, all others at least 20 minutes.
Markets are closed on certain holidays. Stock Market Holiday List
By accessing this page, you agree to the following
Privacy Policy and Terms and Conditions.
Press Release Service provided by PRConnect.
Stock quotes supplied by Six Financial
Postage Rates Bots go here