Update: Bank customers warned after breach at Epsilon marketing firm
IDG News Service - Citibank, JP Morgan Chase and the Kroger supermarket chain are warning customers that their names and e-mail addresses may have fallen into the wrong hands after someone broke into computer systems at e-mail marketing giant Epsilon.
Epsilon, whose other customers include Visa, Kraft, and Marriott International, acknowledged the incident in a brief statement Friday. "On March 30th, an incident was detected where a subset of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system," Epsilon said. "The information that was obtained was limited to email addresses and/or customer names only."
Epsilon said it doesn't believe any other personal information was compromised, but it is now working with authorities on an investigation, a company spokeswoman said Friday.
Epsilon only learned of the breach on Wednesday and it is unclear yet how serious the issue is. On Friday, spokespeople for Chase and Epsilon declined to say much beyond their prepared statements.
In a letter to customers, Kroger said customer names and e-mail addresses were stolen. "As a result, it is possible you may receive some spam email messages," Kroger said. "We apologize for any inconvenience. Kroger wants to remind you not to open emails from senders you do not know. Also, Kroger would never ask you to email personal information such as credit card numbers or social security numbers. If you receive such a request, it did not come from Kroger and should be deleted," the letter states.
Epsilon sent 6.5 billion e-mail marketing messages in 2009, but the company also runs loyalty programs for Citi and Chase credit card users, and the kind of information stored in its databases could be extremely valuable to criminals looking to steal banking information in phishing attacks.
Because of the risk of phishing, customers should be sure to check the Email Security Zone at the top-right of Citibank emails to be sure their correct name and the last four digits of their card number appear there, Citibank said Friday.
The information obtained in the breach "was limited to customer name and email addresses of some credit card customers," Citibank said in a statement. "No account information or other information was compromised."
Epsilon told Chase that none of its customers' financial information was compromised, the bank said Friday in a press release.
Kroger has posted a frequently asked questions document about the incident.
Marriott could not immediately be reached for comment.
- Hackers steal user data from the European Central Bank website, demand money
- Arrests made after international cyber-ring targets StubHub
- SQL injection flaw opens door for Wall Street Journal database hack
- Goodwill Industries probes possible payment card breach
- Aloha point-of-sale terminal, sold on eBay, yields security surprises
- The biggest data breaches of 2014 (so far)
- Blue Shield discloses 18,000 doctors' Social Security numbers
- PF Chang's says breach was 'highly sophisticated criminal operation'
- Breaches exposed 1 in 7 US debit cards in 2013
- New malware program targets banking data
- Social Media Education: The New Edge for Success Failure to train for social media will cost your business money. A recent report showed how digitally prepared companies can unlock up to...
- Social Media in Technology: A Unified Strategy for Success Find out how social media is sparking a new era of customer and industry-understanding in technology enterprises and how industry leaders are overcoming...
- Printer Installer: Eliminating Print Servers Printer Installer is an on-premise web application that enables you to centrally manage and deploy Windows shared or direct iP printers.
- How Network Connections Drive Web Application Performance Users around the globe, on all sorts of devices, expect Web applications to function as seamlessly as desktop applications. This paper discusses the...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Why Are Customers Really Deploying an NGFW? It seems every IT Security expert is talking about the NGFW, but what are people really doing? This webcast covers 5 real-world customer... All Internet White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!