BIG US BANKS JPMorgan Chase, Citigroup and US Bank are just three of the companies affected by a massive data breach at online marketing firm Epsilon.
These are just a few of the companies that do business with Epsilon, which said in a statement that its clients "were exposed by an unauthorised entry into Epsilon's email system".
Epsilon is a firm that sends billions of emails ads each year to people who register their interest at its customers' websites or give their email addresses when shopping. At the moment it is unclear how many people have been affected, but Reuters claimed "it could be one of the biggest such data breaches in US history".
Fortunately, so far it seems that the details taken were limited to email addresses or customer names only, with a "rigorous assessment" determining that "no other personal identifiable information associated with those names was at risk". Epsilon's statement said, "A full investigation is currently underway."
Other companies reported to have been affected include Kroger supermarkets, Tivo, the Capital One credit card company, Ameriprise Financial, McKinsey & Company, Ritz-Carlton Rewards, Marriott Rewards, Walgreens drugstores, Disney Destinations, Best Buy, the teleshopping firm Home Shopping Network (HSN) and others. It is also thought that the names and email addresses of US-based college students registered with The College Board might have been compromised.
The UK cosmetics retailer Benefit Cosmetics is another company affected, as it sent customers an email saying that it it was informed by a 'former email vendor' that "the database with our customers' names and email addresses has been compromised by an unauthorised person" and that "This data breach has also affected several other companies that work with this vendor."
Benefit Cosmetics has told The INQUIRER in an email that Epsilon is the vendor it was talking about.
Recently, UK retailer Play.com suffered a similar data breach after its email service provider Silverpop fell victim to an attack.
Graham Cluley, security expert at Sophos said to The INQUIRER, "I think we need to keep this one in proportion because it's just email addresses and names that have been lost on this occasion."
"It's not as bad as losing credit card information, which has happened with other attacks in the past. But it's not ideal, because spammers can use this information to send out campaigns, they could pose as the companies, phish for information and send out malicious links."
Cluley added, "Also these databases of email information can now be sold to other spammers as they have a value in the criminal underground. Generally, you might find that you are receiving more spam." µ
Now you can watch documentaries about horribly disfigured people whenever you like
Brad to the bone
Being in a minority of one doesn't make you right
WeWork needs a rework