About 50 clients hit by Epsilon e-mail marketing breach
IDG News Service - About 50 companies were affected by a major security breach at e-mail service provider Epsilon Interactive that caused many U.S. corporations to warn their customers of online attacks Monday.
Epsilon first warned of the incident Friday, saying that someone had got into company systems and obtained e-mail addresses and names belonging to some of its customers. But it wasn't immediately clear how many of its 2,500 clients were at risk. Epsilon is still being tight-lipped about the problem, but it has now given a clearer picture of how many companies are affected.
In a brief statement posted to Epsilon's website Monday, the company said that "approximately 2 percent of total clients" -- about 50 businesses -- were hit.
Customers of many of these businesses, which include Target, Citigroup, Tivo and Walgreens, woke up Monday to e-mail warnings, telling them that their e-mail addresses had been stolen, and that spam or malicious messages could be coming their way. But so far, Epsilon has refused to provide a detailed list of all companies that were affected.
Companies hire Epsilon to send out a total of more than 40 billion messages on their behalf each year.
With millions of addresses thought to have been stolen, the problem may be worse than many people realize, security experts said Monday.
That's because once scammers know their victims' names and e-mail addresses, along with the companies that they do business with, they can craft very targeted "spear-phishing" e-mail attacks that try to trick victims into revealing more sensitive information such as passwords or account numbers.
"Everybody is downplaying it by saying, 'at least they didn't get financial information.' Well that's true, but what they did get was enough to potentially get financial information [in a phishing attack]," said Neil Schwartzman, executive director with the Coalition Against Unsolicited Commercial Email, a consumer advocacy group based in Montreal.
The IDG News Service has confirmed that the following companies have warned customers about the breach. Because Epsilon is often engaged by business units within these firms, not everyone who does business with these companies has had their e-mail address stolen. If you have received a notification from a company that is not included on this list, please contact email@example.com.
JP Morgan Chase
New York & Company
- Snowden advocates at SXSW for improved data security
- Joomla receives patches for zero-day SQL injection vulnerability, other flaws
- NSA used 'European bazaar' to spy on EU citizens
- Target CIO resigns following breach
- Evan Schuman: Mobile IT Roach Motel: Data checks in, but it won't check out
- Sears finds no evidence of data breach -- yet
- Gameover malware is tougher to kill with new rootkit component
- Mobile app for RSA Conference exposes personal data
- UK man charged with hacking Federal Reserve
- Bloomberg clamps down with data-access policies after scandal
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- IDC Report: The Future of eMail is Social This paper discusses the changing nature of collaboration and work fueled by the social Web by examining current email trends and the emergence...
- The Business of Social Business Social business represents a significant transformational opportunity for organizations. Read this whitepaper to learn more.
- Six Ways Your Small Business Can Save with Internet Phone Service Traditional phone systems present two main problems for businesses: limited features and high costs. As a result, small businesses are migrating to Internet...
Red Hat Enterprise Linux - The Original Cloud Operating System
Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- Supercharge Your Web and Mobile App Development with High-Productivity Hybrid Cloud Webinar: Hear from industry experts about the amazing power at the intersection of next-generation web and mobile application development and cloud platforms.
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have. All Internet White Papers | Webcasts