Groupon
Company Details
Linkedin ID:
groupon
Employees number:
10,563
Number of followers:
356,075
NAICS:
5112
Industry Type:
Homepage:
greenhouse.io
IP Addresses:
0
Company ID:
GRO_7956297
Scan Status:
In-progress
Groupon Company CyberSecurity Posture
greenhouse.io
Groupon is an experiences marketplace that brings people more ways to get the most out of their city or wherever they may be. By enabling real-time mobile commerce across local businesses, live events and travel destinations, Groupon helps people find and discover experiences––big and small, new and familiar––that make for a full, fun and rewarding life. Groupon helps local businesses grow and strengthen customer relationships––resulting in strong, vibrant communities. E-commerce never stands still, our transformation strategy, combined with our strong brand, customer base, and marketplace expertise, ensures we are constantly adapting to the evolving market landscape while delivering value for our customers and merchant partners. Groupon is on a radical journey to transform our business. To meet our aggressive goals we are in the process of building a culture that prioritises fast decisions, open communication, and relentless pursuit of results. In the spirit of transparency, things aren't perfect, there are still processes to change and bureaucracy to break so we need people who want to be on this journey with us. Check out our current opportunities with #TeamGroupon and join us on our exciting mission to become The Ultimate Destination For Local Experiences and Services.
Groupon A.I CyberSecurity Scoring
Groupon Risk Score (AI oriented)Between 700 and 749
Groupon
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Groupon Global Score (TPRM)XXXX
Groupon
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Groupon Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Groupon
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: A cybercriminal has admitted to hacking businesses like Uber, Sainsbury's, and Groupon to sell customers' personal information on the dark web. The other targets included Nectar, T-Mobile, Asda, Ladbrokes, Coral, and Argos. The data comprised all the information required to complete an online purchase and was then promoted and sold to clients through his dark website. The firm is thought to have lost more than £200,000 due to the theft, although no financial data was collected. West pleaded guilty to two counts of conspiring to defraud, one count of hacking a computer, four counts of possessing and supplying marijuana, two counts of having criminal property, and one crime of money laundering Bitcoins. The leaked data is related to a security breach on a third-party vendor.
Groupon Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Groupon
Incidents vs Software Development Industry Average (This Year)
No incidents recorded for Groupon in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Groupon in 2026.
Incident Types Groupon vs Software Development Industry Avg (This Year)
No incidents recorded for Groupon in 2026.
Incident History — Groupon (X = Date, Y = Severity)
Groupon cyber incidents detection timeline including parent company and subsidiaries
Groupon Company Subsidiaries
Groupon is an experiences marketplace that brings people more ways to get the most out of their city or wherever they may be. By enabling real-time mobile commerce across local businesses, live events and travel destinations, Groupon helps people find and discover experiences––big and small, new and familiar––that make for a full, fun and rewarding life. Groupon helps local businesses grow and strengthen customer relationships––resulting in strong, vibrant communities. E-commerce never stands still, our transformation strategy, combined with our strong brand, customer base, and marketplace expertise, ensures we are constantly adapting to the evolving market landscape while delivering value for our customers and merchant partners. Groupon is on a radical journey to transform our business. To meet our aggressive goals we are in the process of building a culture that prioritises fast decisions, open communication, and relentless pursuit of results. In the spirit of transparency, things aren't perfect, there are still processes to change and bureaucracy to break so we need people who want to be on this journey with us. Check out our current opportunities with #TeamGroupon and join us on our exciting mission to become The Ultimate Destination For Local Experiences and Services.
Loading...
Groupon Similar Companies
NetSuite
Founded in 1998, Oracle NetSuite is the world’s first cloud company. For more than 25 years, NetSuite has helped businesses gain the insight, control, and agility to build and grow a successful business. First focused on financials and ERP, we now provide an AI-powered unified business system that
Workday
Workday is a leading provider of enterprise cloud applications for finance and human resources, helping customers adapt and thrive in a changing world. Workday applications for financial management, human resources, planning, spend management, and analytics are built with artificial intelligence and
Meituan
Adhering to the ‘Retail + Technology’ strategy, Meituan commits to its mission that 'We help people eat better, live better'. Since its establishment in March 2010, Meituan has advanced the digital upgrading of services and goods retail on both supply and demand sides. Together with our partners we
Cisco
Cisco is the worldwide technology leader that is revolutionizing the way organizations connect and protect in the AI era. For more than 40 years, Cisco has securely connected the world. With its industry leading AI-powered solutions and services, Cisco enables its customers, partners and communities
Alibaba Group
🌍Alibaba Group is on a mission to make it easy to do business anywhere! Guided by our passion and imagination, we’re leading the way in AI, cloud computing and e-commerce. We aim to build the future infrastructure of commerce, and we aspire to be a good company that lasts for 102 years.
Snowflake
Snowflake delivers the AI Data Cloud — a global network where thousands of organizations mobilize data with near-unlimited scale, concurrency, and performance. Inside the AI Data Cloud, organizations unite their siloed data, easily discover and securely share governed data, and execute diverse analy
PedidosYa
We’re the delivery market leader in Latin America. Our platform connects over 77.000 restaurants, supermarkets, pharmacies and stores with millions of users. Nowadays we operate in more than 500 cities in Latinamerica. And we are now over 3.400 employees. PedidosYa is available for iOS, Android and
UKG
UKG is the Workforce Operating Platform that puts workforce understanding to work. With the world's largest collection of workforce insights, and people-first AI, our ability to reveal unseen ways to build trust, amplify productivity, and empower talent, is unmatched. It's this expertise that equips
Xiaomi Corporation was founded in April 2010 and listed on the Main Board of the Hong Kong Stock Exchange on July 9, 2018 (1810.HK). Xiaomi is a consumer electronics and smart manufacturing company with smartphones and smart hardware connected by an IoT platform at its core. Embracing our vision
.png)
Groupon CyberSecurity News
September 14, 2025 07:00 AM
Companies That IPO’d in 2011: Biggest Winners and Losers
The Class of 2011 was a mixed bag. Dunkin' and LinkedIn turned steady business models into big wins, while Groupon and Pandora show how fast...
September 08, 2025 07:00 AM
The London Event Every Product And Cybersecurity Professional Should Know About
Introducing BUILT DIFFERENT: a panel and mixer for product and cybersecurity professionals happening in London on October 2, 2025.
August 22, 2024 11:30 AM
Bitdefender Coupon Codes for Jan 2026 | 44% OFF
Use one of these 4 tried & tested Bitdefender coupon codes to save on internet security, antivirus, VPN, and password management.
July 30, 2024 07:00 AM
'The worst thing you can do' after a data breach, according to a cybersecurity expert
Data breaches are so common that you may be tempted to ignore them altogether. But doing so is a big mistake, cybersecurity experts say.
July 01, 2024 07:00 AM
Coupon Scams: What They Are, How They Happen, and How to Protect Yourself
Coupons are a great way to save money on products and services, whether online or in physical stores.
May 22, 2024 07:00 AM
Groupon co-founder’s VC firm, family foundation targeted in 2022 cyberattack
The joke among cybersecurity experts is that there are two kinds of people: those who've been hacked and those who don't know it yet.
January 22, 2024 08:00 AM
Mother of All Breaches: a Historic Data Leak Reveals 26 Billion Records
The supermassive leak contains data from numerous previous breaches, comprising an astounding 12 terabytes of information, spanning over a mind-boggling 26...
September 14, 2021 07:00 AM
San Gabriel Valley Tribune
Former Information Security Executive for Groupon, CBS and Oracle Brings Extensive Experience Enhancing Cybersecurity Strategies to Ping.
November 29, 2018 07:05 PM
40s 2018 - navigation
Saurabh Sharma is a bundle of contradictions: a techie and a dealmaker, a quantitative analyst and coder who likes to perform in plays.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Groupon CyberSecurity History Information
Official Website of Groupon
The official website of Groupon is https://job-boards.eu.greenhouse.io/groupon?.
Groupon’s AI-Generated Cybersecurity Score
According to Rankiteo, Groupon’s AI-generated cybersecurity score is 738, reflecting their Moderate security posture.
How many security badges does Groupon’ have ?
According to Rankiteo, Groupon currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Groupon been affected by any supply chain cyber incidents ?
According to Rankiteo, Groupon has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Groupon have SOC 2 Type 1 certification ?
According to Rankiteo, Groupon is not certified under SOC 2 Type 1.
Does Groupon have SOC 2 Type 2 certification ?
According to Rankiteo, Groupon does not hold a SOC 2 Type 2 certification.
Does Groupon comply with GDPR ?
According to Rankiteo, Groupon is not listed as GDPR compliant.
Does Groupon have PCI DSS certification ?
According to Rankiteo, Groupon does not currently maintain PCI DSS compliance.
Does Groupon comply with HIPAA ?
According to Rankiteo, Groupon is not compliant with HIPAA regulations.
Does Groupon have ISO 27001 certification ?
According to Rankiteo,Groupon is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Groupon
Groupon operates primarily in the Software Development industry.
Number of Employees at Groupon
Groupon employs approximately 10,563 people worldwide.
Subsidiaries Owned by Groupon
Groupon presently has no subsidiaries across any sectors.
Groupon’s LinkedIn Followers
Groupon’s official LinkedIn profile has approximately 356,075 followers.
NAICS Classification of Groupon
Groupon is classified under the NAICS code 5112, which corresponds to Software Publishers.
Groupon’s Presence on Crunchbase
Yes, Groupon has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/groupon.
Groupon’s Presence on LinkedIn
Yes, Groupon maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/groupon.
Cybersecurity Incidents Involving Groupon
As of January 21, 2026, Rankiteo reports that Groupon has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Groupon has an estimated 28,123 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Groupon ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
What was the total financial impact of these incidents on Groupon ?
Total Financial Loss: The total financial loss from these incidents is estimated to be $200 thousand.
Incident Details
Can you provide details on each incident ?
Title: Cybercriminal Hacks Multiple Businesses to Sell Customer Data
Description: A cybercriminal has admitted to hacking businesses like Uber, Sainsbury's, and Groupon to sell customers' personal information on the dark web.
Type: Data Breach
Attack Vector: Third-Party Vendor Breach
Threat Actor: Cybercriminal (unspecified individual)
Motivation: Financial Gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
What is the average financial loss per incident ?
Average Financial Loss: The average financial loss per incident is $200.00 thousand.
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information.
Which entities were affected by each incident ?
Incident : Data Breach GRO184224323
Entity Name: T-Mobile
Entity Type: Company
Industry: Telecommunications
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach GRO184224323
Type of Data Compromised: Personal Information
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Cybercriminal (unspecified individual).
Impact of the Incidents
What was the highest financial loss from an incident ?
Highest Financial Loss: The highest financial loss from an incident was £200,000.
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Personal Information.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Personal Information.
.png)
Latest Global CVEs (Not Company-Specific)
Description
SummaryA command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The issue occurs because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of `--commit-hash` to execute arbitrary commands on the system running Wrangler. Root causeThe commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution. ImpactThis vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to: * Run any shell command. * Exfiltrate environment variables. * Compromise the CI runner to install backdoors or modify build artifacts. Credits Disclosed responsibly by kny4hacker. Mitigation * Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher. * Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher. * Users on Wrangler v2 (EOL) should upgrade to a supported major version.
Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).
Risk Information
cvss3
Base: 8.1
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=groupon' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
