Groupon logo

Starting with December 16, scores of Groupon UK users have been complaining online about having their accounts hacked after finding out that fraudsters have placed countless of orders using the payment card the victims had attached to their Groupon profile.

According to multiple tweets, some of which have been embedded below, the hackers had ordered expensive products on the user's card, and sent it to various addresses across the UK, where a money mule most likely picked up and resold it.

Some users reported small losses, of a few pounds, but others said that fraudsters ordered expensive smartphones and electronics, some of which reached values of thousands of pounds.

A quick search by Bleeping Computer couldn't find users complaining about getting hacked in the US and Canada. At the time of writing, the hacks seem to be impacting only Groupon UK users.

In fact, the only person who complained about getting hacked to the Groupon US support Twitter account was a UK user that reached out to the wrong account.

The targeting of only Groupon UK users might imply that the hackers are also located in the UK, or at least are collaborating with money mules from the UK, where the mules can pick up the illegally ordered products.

Groupon blames hacks on third-party security breaches

Speaking to a reporter from MoneySavingExpert, who first spotted the hacking trend, Groupon blamed the incident on data breaches that took place at other services.

The company blamed password reuse as the main source of these hacks, urging customers once more to update passwords if they've reused them anywhere else.

UK-based or any other Groupon users who find mysterious transactions on their profile should immediately contact their bank to stop the financial operation, and file a refund request with Groupon, which usually takes around ten days to resolve.

Related Articles:

QNAP, Synology, Lexmark devices hacked on Pwn2Own Day 3

Samsung Galaxy S24 and Sonos Era hacked on Pwn2Own Ireland Day 2

Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland

X hacking spree fuels "$HACKED" crypto token pump-and-dump