Here is another example of how 1 small problem can affect many customers.
Late last week, Epsilon detected that customer information of a subset of Epsilon’s email clients had been exposed by an unauthorized entry into its email system. The affected clients represent approximately 2% of Epsilon’s total client base.
The data stolen from Epsilon — names and email addresses — isn’t considered as sensitive as social-security and credit-card numbers. But security experts warn that a cybercriminal could still use the information to commit fraud, especially if they know which email addresses are associated with customers of particular businesses.
The Secret Service is investigating this breach and people who receive spam should report it to firstname.lastname@example.org.
The Epsilon computer system was accessed by an unauthorized party. College Board customer first and last names and email addresses may have been obtained. The College Board sent out a warning about opening links and attachments from unknown senders and spam.
UPDATE (4/3/2011): In addition to The College Board, about 50 businesses who were clients of Epsilon at some point have also been affected. Customer names and email addresses from the following businesses were exposed:
Companies that use Epsilon include;
AIR MILES Reward Program (Canada)
Barclays Bank of Delaware (Barclay’s L.L. Bean Visa card)
Best Buy Canada Reward Zone
Disney Destinations (The Walt Disney Travel Company)
Eddie Bauer Friends
Food 4 Less
Home Shopping Network (HSN)
New York & Company
Red Roof Inn
Robert Half International
Visa (Barclays Bank of Delaware/L.L. Bean Visa, BJ’s Visa)
As of 4/4/2011, Epsilon estimates that the breach affected about 2% of its clients.