Update: Bank customers warned after breach at Epsilon marketing firm
IDG News Service - Citibank, JP Morgan Chase and the Kroger supermarket chain are warning customers that their names and e-mail addresses may have fallen into the wrong hands after someone broke into computer systems at e-mail marketing giant Epsilon.
Epsilon, whose other customers include Visa, Kraft, and Marriott International, acknowledged the incident in a brief statement Friday. "On March 30th, an incident was detected where a subset of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system," Epsilon said. "The information that was obtained was limited to email addresses and/or customer names only."
Epsilon said it doesn't believe any other personal information was compromised, but it is now working with authorities on an investigation, a company spokeswoman said Friday.
Epsilon only learned of the breach on Wednesday and it is unclear yet how serious the issue is. On Friday, spokespeople for Chase and Epsilon declined to say much beyond their prepared statements.
In a letter to customers, Kroger said customer names and e-mail addresses were stolen. "As a result, it is possible you may receive some spam email messages," Kroger said. "We apologize for any inconvenience. Kroger wants to remind you not to open emails from senders you do not know. Also, Kroger would never ask you to email personal information such as credit card numbers or social security numbers. If you receive such a request, it did not come from Kroger and should be deleted," the letter states.
Epsilon sent 6.5 billion e-mail marketing messages in 2009, but the company also runs loyalty programs for Citi and Chase credit card users, and the kind of information stored in its databases could be extremely valuable to criminals looking to steal banking information in phishing attacks.
Because of the risk of phishing, customers should be sure to check the Email Security Zone at the top-right of Citibank emails to be sure their correct name and the last four digits of their card number appear there, Citibank said Friday.
The information obtained in the breach "was limited to customer name and email addresses of some credit card customers," Citibank said in a statement. "No account information or other information was compromised."
Epsilon told Chase that none of its customers' financial information was compromised, the bank said Friday in a press release.
Kroger has posted a frequently asked questions document about the incident.
Marriott could not immediately be reached for comment.
- Snowden advocates at SXSW for improved data security
- Joomla receives patches for zero-day SQL injection vulnerability, other flaws
- NSA used 'European bazaar' to spy on EU citizens
- Target CIO resigns following breach
- Evan Schuman: Mobile IT Roach Motel: Data checks in, but it won't check out
- Sears finds no evidence of data breach -- yet
- Gameover malware is tougher to kill with new rootkit component
- Mobile app for RSA Conference exposes personal data
- UK man charged with hacking Federal Reserve
- Bloomberg clamps down with data-access policies after scandal
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- IDC Report: The Future of eMail is Social This paper discusses the changing nature of collaboration and work fueled by the social Web by examining current email trends and the emergence...
- The Business of Social Business Social business represents a significant transformational opportunity for organizations. Read this whitepaper to learn more.
- Six Ways Your Small Business Can Save with Internet Phone Service Traditional phone systems present two main problems for businesses: limited features and high costs. As a result, small businesses are migrating to Internet...
- Is Your Big Data Solution Production-Ready? Read "Is Your Big Data Solution Production-Ready?" now, and discover best practices and actionable steps to implementing a production-ready big data solution.
- Supercharge Your Web and Mobile App Development with High-Productivity Hybrid Cloud Webinar: Hear from industry experts about the amazing power at the intersection of next-generation web and mobile application development and cloud platforms.
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have. All Internet White Papers | Webcasts