Entries in information technology (1)

Wednesday
Apr272011

The Epsilon email hack

Many of you have probably heard about the Epsilon data security breach that exposed millions of email addresses and customer names from some well known companies around the world.  According to reports, no other sensitive information was exposed. Here is a list of some large companies who were affected:

1-800-Flowers, AbeBooks, Air Miles, Ameriprise Financial, Barclays Bank, Beachbody, bebe Stores, Best Buy, Brookstone, Capital One, City Market, Citi, Dillons, Disney Destinations, Eileen Fisher, Ethan Allen, Food 4 Less, Fred Meyer, Fry's, Hilton Honors Program, Home Shopping Network (HSN), Jay C, JPMorgan Chase, King Soopers, Kroger, Lacoste, LL Bean Visa Card, Marriott Rewards, McKinsey & Company, MoneyGram, New York & Company, QFC, Ralphs, Red Roof Inn, Ritz-Carlton Rewards, Robert Half, Target, The College Board, TD Ameritrade, TiVo, US Bank, Walgreens.  

In fact a lot of you probably received an email that looked similar to this:  

Dear Valued Customer,
On March 30th, we were informed by Epsilon, a company we use to send emails to our customers, that files containing the email addresses of some Walgreens customers were accessed without authorization.
We have been assured by Epsilon that the only information that was obtained was your email address. No other personally identifiable information was at risk because such data is not contained in Epsilon’s email system.
For your security, we encourage you to be aware of common email scams that ask for personal or sensitive information. Walgreens will not send you emails asking for your credit card number, social security number or other personally identifiable information. If ever asked for this information, you can be confident it is not from Walgreens.
We regret this has taken place and any inconvenience this may have caused you. If you have any questions regarding this issue, please contact us at 1-855-814-0010. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.
 

Many people have asked us who is Epsilon?, how does this affect me? and what do I need to do?  Epsilon is the world’s largest email marketer sending communication on behalf of Target, Walgreens and US Bank to name a few.  If you are a customer of one of these companies or if you have received an email from one, chances are you will be at risk for a targeted spear phishing campaign.  What you will notice is an increase in spam or phishing attacks which can be aimed at getting user information or installing malware from clicking a link within email.  These attacks will look like they came from the companies you deal with, but in fact they are coming from somewhere else. 

What users need to do is to be extremely cautious with emails coming from these companies and follow the following rules:

  1. Never click a link in an email. Go directly to the website by typing the url yourself.
  2. Never open email attachments unless you are expecting one from someone you know shortly.
  3. Never respond to an e-mail that asks you to verify passwords, credit card numbers, or any other financial information.

If NetComm learns of any email attacks we will keep you informed.