Home > techcrunch > Groupon Exposes Customer Emails In Google Results

Groupon Exposes Customer Emails In Google Results

October 24th, 2010 10:26 admin Leave a comment Go to comments

Savvy Internet surfer Chris Crompton has found a flaw in Groupon’s email link encryption where adding the search term “addx” (exact Google search = allinurl: addx site:groupon.com) brings up emails of people who have subscribed to the Groupon newsletter. I am unable to tell whether these emails are from people who actually purchased the deals or just signed up for the email list unknowingly.

It looks like this is some kind of Google Analytics tracking flaw for a Groupon marketing campaign, and the emails are from people who have referred deals to others through Groupon’s insecure links. It seems as though when someone clicks on a deal link in a Groupon email and posts it anywhere else online, Google has indexed this sensitive information.

Groupon, which launched its service allowing merchants to create their own deals yesterday, looks like it’s suffering some scaling issues along the lines of what happened to purchase sharing startup Blippy when it exposed credit card numbers through Google search results in April.

I have gotten in touch with Google, Groupon and a few of the people with exposed email addresses about the flaw and will update this post when I hear back.

Source: Groupon Exposes Customer Emails In Google Results

Related Articles:

  1. ESRB Exposes Emails of Gamers Who Filed Privacy Complaints
  2. Why Google <3s Groupon
  3. In Local, Google And Groupon Are Now Competing For The Same Dollars
  4. Blippy Exposes Credit Card Numbers Through Simple Google Search
  5. Groupon To Partner With Expedia For Groupon Travel
blog comments powered by Disqus