Text 100 - IBM spinners who never say a word....
|
|
|
Banks hit by 'biggest name and email address heist in US history'
BIG US BANKS JPMorgan Chase, Citigroup and US Bank are just three of the companies affected by a massive data breach at online marketing firm Epsilon.
These are just a few of the companies that do business with Epsilon, which said in a statement that its clients "were exposed by an unauthorised entry into Epsilon's email system".
Epsilon is a firm that sends billions of emails ads each year to people who register their interest at its customers' websites or give their email addresses when shopping. At the moment it is unclear how many people have been affected, but Reuters claimed "it could be one of the biggest such data breaches in US history".
Fortunately, so far it seems that the details taken were limited to email addresses or customer names only, with a "rigorous assessment" determining that "no other personal identifiable information associated with those names was at risk". Epsilon's statement said, "A full investigation is currently underway."
Other companies reported to have been affected include Kroger supermarkets, Tivo, the Capital One credit card company, Ameriprise Financial, McKinsey & Company, Ritz-Carlton Rewards, Marriott Rewards, Walgreens drugstores, Disney Destinations, Best Buy, the teleshopping firm Home Shopping Network (HSN) and others. It is also thought that the names and email addresses of US-based college students registered with The College Board might have been compromised.
The UK cosmetics retailer Benefit Cosmetics is another company affected, as it sent customers an email saying that it it was informed by a 'former email vendor' that "the database with our customers' names and email addresses has been compromised by an unauthorised person" and that "This data breach has also affected several other companies that work with this vendor."
Benefit Cosmetics has told The INQUIRER in an email that Epsilon is the vendor it was talking about.
Recently, UK retailer Play.com suffered a similar data breach after its email service provider Silverpop fell victim to an attack.
Graham Cluley, security expert at Sophos said to The INQUIRER, "I think we need to keep this one in proportion because it's just email addresses and names that have been lost on this occasion."
"It's not as bad as losing credit card information, which has happened with other attacks in the past. But it's not ideal, because spammers can use this information to send out campaigns, they could pose as the companies, phish for information and send out malicious links."
Cluley added, "Also these databases of email information can now be sold to other spammers as they have a value in the criminal underground. Generally, you might find that you are receiving more spam." µ
Tags: Security
Share this:
Share
This breach is remarkable because of the number of companies and customers it affects, but realistically, it would have been much worse had credit card numbers, social security numbers or other similar types of high-value personal information been compromised. The biggest potential issue this may cause is an increased level of spam and phishing attacks for those whose names and email addresses were hacked, requiring extra vigilance on the part of those who were affected. However, this type of incident should not be taken lightly. It’s another reminder that privacy is an illusion on the internet.
Money... duh!
Stores sell info for money... and stores buy info with money... all about money...
Best Buy sent me an email yesterday to tell me about this and to apologize. My question is, why the heck did Best Buy even give my name and e-mail to Epsilon? Why can't they just be responsible and keep only the minimum data about me in THEIR OWN database and protect that properly and not share it with anybody? I never buy anything from spam e-mail anyway.