The entire customer database of a Groupon subsidiary in India has been leaked and indexed by Google.
Sosasta.com exposed the database by mistake which included usernames and passwords for customers of the group buying website.
The company informed customers of the breach by email and advised them to change passwords.
It said financial information was not exposed.
"We wanted to let you know that the issue has been brought under control and your accounts are secure. However, as a precautionary measure, we recommend that you change your Sosasta password immediately," it said in a email.
"You should know that we are working aggressively to prevent this from happening again. Sosasta takes security and privacy very seriously."
Groupon said in a statement that Sosasta runs a separate platform and is not connected to the Groupon Australian site.
Sydney security researcher Daniel Grzelak discovered the database indexed by Google and contacted Risky.Biz which reported the incident.
Copyright © SC Magazine, Australia
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED GOES EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @itnews.com.au to your white-listed senders.