thewayne | Entries tagged with epsilon

It might be a bit alarmist and controversial as to the value of the data that was copied, but there's some good information here. As a result, I've created a new email account for all corporate communications to reduce my exposure in the future. I suppose that I should have done this ages ago, but I didn't.

One suggestion for creating such an account: run the word through Google to see how many hits it gets. The root word that I chose only had 110 hits (it's non-English), and when I added a suffix to it there were zero hits.

http://threatpost.com/en_us/blogs/how-phishers-will-use-epsilon-data-against-you-041211

http://yro.slashdot.org/story/11/04/12/1634218/How-Attackers-Will-Use-Epsilon-Data-Against-You

Someone needs to take a clue-by-four to Epsilon's head.

http://www.npr.org/blogs/thetwo-way/2011/04/07/135218057/congress-seeks-more-information-on-epsilon-data-breach?sc=17&f=1019

Apparently it was known in November and they first started getting hacked in December. It was a malware email that the payload link loaded malware that defeated antivirus and then dug deeper.

http://www.itnews.com.au/News/253712,epsilon-breach-used-four-month-old-attack.aspx

http://it.slashdot.org/story/11/04/07/1341255/Epsilon-Breach-Used-Four-month-old-Attack

1-800-Flowers, AbeBooks, Air Miles, Ameriprise Financial, Barclays Bank Delaware, Beachbody, Bebe, Benefit Cosmetics, Best Buy, Borders, Brookstone, Capital One, Chase, Citi, City Market, The College Board, Dillons, Disney Destinations, Eileen Fisher, Ethan Allen, Food4Less, Fred Meyer, Fry’s, Hilton Hhonors, Home Shopping Network (HSN), Jay C, JPMorgan Chase, King Soopers, Kroger, LaCoste, LL Bean Visa Card, Marriott Rewards, McKinsey Quarterly, Meijer, New York & Company, QFC, Ralphs, Red Roof Inn, Ritz-Carlton Rewards, Robert Half Technologies, Smith Brands, soccer.com, Target, TigerDirect, TiVo, US Bank, Verizon, Visa, Walgreens.

I've received another one today and, judging by this list, I'll have a couple more coming in.

This list came from a Geekmom post, http://www.geekmom.com/2011/04/not-so-trusted-third-parties-why-youve-been-getting-your-email-was-leaked-notices/

Ars Technica has a slightly more detailed description as to what happened, but when you get down to it, there's not much of a story: service provider's server got hacked, data was downloaded by parties unknown, assume that spam levels and spear phishing attacks will rise.

http://arstechnica.com/security/news/2011/04/marketers-security-blunder-means-headaches-for-tivo-chase-users.ars

Got an email a couple of nights ago from Tivo that their email processing service had been hacked and my email address had been compromised, so be on the lookout for more spam email. What a surprise. Today, Walgreens sent a similar email.

*sigh*

Both assured me that no other information was compromised and that it was a third-party email system that was only used for email marketing campaigns. We'll see.

[EDIT]

The instant after I posted this message, I got the following from 1-800-Flowers:

One of our email service providers, Epsilon, has informed us that we
are among a group of companies affected by a data breach that may
have exposed your email address to unauthorized third parties.
It's important to know that this incident did not
involve other account or personally identifiable information.

Always strive to learn something useful. --Sophocles

You are coming to a sad realization. Cancel or allow?

Entries tagged with epsilon

How phishers might use the data from the Epsilon hack

Congress gets involved in the Epsilon data breach

The Epsilon hack? They knew about the attack vector over 4 months ago.

List of companies' email lists compromised in the Epsilon breach

Gotta love them data breaches!

Profile

January 2026

Syndicate

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags