Not an April Fools’ joke: On the first of the month, e-mail marketing firm Epsilon disclosed that it had been subject to a security breach, leaving the email addresses and names of customers exposed. While Epsilon may not be a household name, many of the clients on whose behalf it handles email newsletters and updates are: Among them, Best Buy, TiVo, Walgreens, Kroger, Brookstone, Disney, Destinations, JPMorgan Chase, Capital One, Citi, McKinsey & Company, and even The College Board.
While Epsilon says that “a rigorous assessment determined that no other personal identifiable information associated with those names was at risk,” the breach remains a big deal in that it could leave the people affected more vulnerable to phishing attacks. It stands to reason that malicious emails that address recipients by name and appear to come from the brands that people regularly receive email from are more likely to successfully hoodwink people than are blind emails.
To this end, many, though not all, of the brands impacted by the breach have sent out emails notifying customers to be aware. As Epsilon has refused to disclose which of its clients’ email databases were affected, it’s possible that more brands will announce that their customers’ data was compromised. To this end, if you regularly receive emails from the brands mentioned above, the brands mentioned here, or any major brands, it’s best to stay on the safe side and be extra vigilant until more information becomes available.
(Security Week via Consumerist)
