List of companies' email lists compromised in the Epsilon breach

[thewayne]

1-800-Flowers, AbeBooks, Air Miles, Ameriprise Financial, Barclays Bank Delaware, Beachbody, Bebe, Benefit Cosmetics, Best Buy, Borders, Brookstone, Capital One, Chase, Citi, City Market, The College Board, Dillons, Disney Destinations, Eileen Fisher, Ethan Allen, Food4Less, Fred Meyer, Fry’s, Hilton Hhonors, Home Shopping Network (HSN), Jay C, JPMorgan Chase, King Soopers, Kroger, LaCoste, LL Bean Visa Card, Marriott Rewards, McKinsey Quarterly, Meijer, New York & Company, QFC, Ralphs, Red Roof Inn, Ritz-Carlton Rewards, Robert Half Technologies, Smith Brands, soccer.com, Target, TigerDirect, TiVo, US Bank, Verizon, Visa, Walgreens.

I've received another one today and, judging by this list, I'll have a couple more coming in.

This list came from a Geekmom post, http://www.geekmom.com/2011/04/not-so-trusted-third-parties-why-youve-been-getting-your-email-was-leaked-notices/

Ars Technica has a slightly more detailed description as to what happened, but when you get down to it, there's not much of a story: service provider's server got hacked, data was downloaded by parties unknown, assume that spam levels and spear phishing attacks will rise.

http://arstechnica.com/security/news/2011/04/marketers-security-blunder-means-headaches-for-tivo-chase-users.ars

Comments

[silveradept]

I'm beginning to think that crackers are wising up, and that they're shifting over to attacking these third parties to get their lists for nefarious purposes. What would your odds be that those "trusted third parties" don't have as much security behind them?

[thewayne.livejournal.com]

I'm beginning to class "trusted third party" as an oxymoron.

[silveradept]

Well, they are trusted. They're just not secure, which should be a component of trust and isn't.