Epsilon breach affects millions of people, including me.

Share this story:Tweet about this on Twitter0Share on LinkedIn0Share on Google+0Share on Facebook0

I, like many others, have received security notifications about the Epsilon data breach.  In the last 48-hours I have been sent email warnings from 8 companies that I trusted with my personal information – Banks, retailers and hotels.

These companies entrusted my private contact information to Epsilon, a 3rd party e-mail marketing company…. And that information has now been compromised by hackers.  Awesome.

Details of this massive breach are still rolling in, but so far the list of affected companies is known to include: Ameriprice Financial; Best Buy; Brookstone; Capital One; Citibank; Disney Destinations; Hilton; Home Shopping Network; JPMorgan Chase; Kroger; LL Bean Visa Card; Marriott; QVC; Robert Half; Red Roof Inn; Ritz-Carlton; Target; The College Board; TiVo; US Bank; Walgreens; 1-800-FLOWERS.  And there are likely many more that we haven’t heard about yet.

The Epsilon e-mail breach is a warning about the data security standards employed by third-party service providers, as well as a not-so-subtle reminder to organizations to require strong contractual obligations related to security practices with every business partner and third-party provider you do business with.  As we learned with Epsilon, the privacy – and trust – of your customers may depend on it.

Lastly, be on the lookout for scam emails in your inbox.  The Epsilon breach is an example of how hackers can now match your name and email address to companies that you interact with.  So get ready for the onslaught of emails trying to trick you into handing over your online usernames and passwords.  I suggest not clicking links embedded in emails, instead always go to the company website directly and logon from their safe homepage.  Check out this informative article on The Last Watchdog for more on spear phishing risks as well as some commentary by Ipswitch’s Frank Kenny on data breaches and customer notifications.

This entry was posted in Data Breach, Enforcement, File Security, Security, Visibility and tagged , , , , , , , , , , , , , , , , , , , , , , , , , , , , . Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

2 Comments

  1. Posted April 6, 2011 at 1:36 pm | Permalink

    It seems to get worse everyday.. here’s a great writeup on Wired, too.

    http://news.cnet.com/8301-27080_3-20051038-245.html

  2. Posted April 8, 2011 at 4:42 pm | Permalink

    People won’t just stop using email. What we need to do is help educate subscribers so they don’t fall victim to scams. We need to make sure the email systems we use are keeping up with the latest security procedures.
    http://priorityresults.com/blog/addressing-your-email-marketing-in-the-wake-of-the-epsilon-breach/

Leave a Reply