Some hacker(s) hit the jackpot, the mother lode of data breaches. If the Chinese or the Russian Mafia aren’t responsible for this, they must be jealous.
The world’s largest “permissions-based” e-mail marketing company, Epsilon, reported late last week that someone hacked into its computer system and stole an unknown number of e-mail addresses and names.
The scope of this breach is potentially huge and has continued to grow over the weekend, with companies like TiVo, JPMorgan Chase and Capital One coming forward to say their customers have been affected. Epsilon reports sending 40 billion e-mails per year on behalf of its 2,500 clients. Reuters calls this potentially “one of the biggest such breaches in U.S. history.”
. . .
What security experts do worry about, however, is a malicious form of spam called “targeted phishing” or “spear phishing.” These terms refer to fake e-mails that try to look real because the scammer knows something about you.
Say you had signed up to receive marketing e-mails from Kroger, which is a major U.S. grocery store chain. If your e-mail address and name were stolen as part of the recent security breach, a scammer, knowing you sometimes get e-mails from Kroger and probably wouldn’t be suspicious of them, could design a fake e-mail that looks like it came from Kroger. Such an e-mail might ask you for sensitive information, like a Social Security number or bank account number.
If you divulged that kind of personal data, you could become a victim of identity theft.
Data breach at Irving-based Epsilon exposes email addresses of major firms’ customers
Epsilon security breach exposes thousands of email addresses
Major Email Security Breach Threatens Millions
Banks, credit-card issuers warn of email breach
You Might Be Impacted by Epsilon Breach
FAQ: Epsilon email breach
Citi, JPMorgan, Best Buy Customers Hit In Massive Email Breach
Don’t Minimize the Epsilon Episode
Secret Service investigates Epsilon data breach
The Epsilon Breach: How Worried–and Angry–Should You Be?
The Epsilon Breach: What Should You Do?
Poll: Have you received an email warning about the Epsilon hack?
Needless to say, if you receive any e-mail regarding this incident, make sure it’s legitimate because there’s a good chance it isn’t. And remember, none of the companies involved will ask you for sensitive information in an e-mail.
/it you’re not sure, contact the company directly through their website
Filed under: Blog Entry | Tagged: Affected, Bank Account Number, Best Buy, Breach, Capital One, Citi, Clients, Companies, Computer System, Continued, Customers, Design, Divulged, E-Mail, E-Mail Addresses, E-Mail Hack, E-Mail Marketing Company, Epsilon, Fake E-Mails, Grocery Store Chain, Grow, Hack, Hacked, Hacker, Hackers, Hacking, Identity Theft, JPMorgan Chase, Kroger, Malicious, Names, Permissions-Based, Personal Data, Phishing, Potentially Huge, Reported, Scammer, Scope, Security Breach, Security Experts, Sensitive Information, Social Security Number, Spam, Spear-Phishing, Stole, Stolen, Suspicious, Targeted Phishing, TiVo, U.S. History, Unknown Number, Victim, Weekend, World's Largest |