Wednesday, April 6, 2011

Security Is Everyone Issue

Here is another example of how 1 small problem can affect many customers.

Late last week, Epsilon detected that customer information of a subset of Epsilon's email clients had been exposed by an unauthorized entry into its email system. The affected clients represent approximately 2% of Epsilon's total client base.

The data stolen from Epsilon -- names and email addresses -- isn't considered as sensitive as social-security and credit-card numbers. But security experts warn that a cybercriminal could still use the information to commit fraud, especially if they know which email addresses are associated with customers of particular businesses.

The Secret Service is investigating this breach and people who receive spam should report it to phishing-report@us.cert.gov.

The Epsilon computer system was accessed by an unauthorized party. College Board customer first and last names and email addresses may have been obtained. The College Board sent out a warning about opening links and attachments from unknown senders and spam.

UPDATE (4/3/2011): In addition to The College Board, about 50 businesses who were clients of Epsilon at some point have also been affected. Customer names and email addresses from the following businesses were exposed:

Companies that use Epsilon include;

1-800-Flowers

AbeBooks

AIR MILES Reward Program (Canada)

Ameriprise

Barclays Bank of Delaware (Barclay's L.L. Bean Visa card)

Beachbody

bebe

Best Buy

Best Buy Canada Reward Zone

Benefits Cosmetics

Brookstone

Capital One

Citi

City market

College Board

Dillons

Disney Destinations (The Walt Disney Travel Company)

Eddie Bauer Friends

Eileen Fisher

Ethan Allen

Food 4 Less

Fred Meyer

Fry's

Hilton Honors

Home Shopping Network (HSN)

Jay C

JPMorgan Chase

King Soopers

Kroger

Lacoste

Marriott Rewards

McKinsey Quarterly

MoneyGram

New York & Company

QFC

Ralphs

Red Roof Inn

Ritz-Carlton Rewards

Robert Half International

Smith Brands

Target

TD Ameritrade

TiVo

US Bank

Visa (Barclays Bank of Delaware/L.L. Bean Visa, BJ's Visa)

Walgreens

As of 4/4/2011, Epsilon estimates that the breach affected about 2% of its clients.

 

Technorati Tags: ,