The email addresses and unencrypted passwords of all 300,000 of a Groupon subsidiary's users have been exposed, StorefrontBacktalk reported June 30.

The unit, Sosasta, is Groupon's subsidiary in India. The unit's user database was found online by a security consultant in Australia, the article said.

The consultant was doing an Internet search seeking exposed databases, and notified Groupon of his find on June 23, the article said.

Groupon bought Sosasta in January. It told StorefrontBacktalk that the subsidiary "runs its own platform and servers, and is not connected to Groupon sites in other countries."