Epsilon data breach results in a huge loss of customer data

Epsilon, the world’s largest provider of permission-based email marketing, has suffered a huge data breach. That means hackers may have swiped customer data belonging to the world’s biggest brands.

Epsilon sends more than 40 billion emails a year on behalf of 2,500 brands. Security Week said the breach has affected a number of those brands, including grocery retailer Kroger, TiVo, Marriott Rewards, Ritz-Carlton Rewards, US Bank, JPMorgan Chase, Capital One, Citi, McKinsey & Company, New York & Company, Brookstone, and Walgreens.

At first, the breach was believed to have affected only Kroger. But more and more companies have been confirming that they have had their data stolen as well. Epsilon builds and hosts customer databases for brands, making it a prime target for hackers. In many cases, the data lost is simply someone’s email address. But Security Week says that’s all that a hacker needs to try a targeted phishing attack against the customer, who will expect to have communication from these brands. You might, for instance, receive a message from Brookstone about a special offer addressed to your name. But it may be carrying a virus that exposes you to data theft if you simply open the email. These kinds of phishing attacks are likely to have a higher success rate.

Marriott Rewards and Ritz Carlton Rewards told SecurityWeek that their customer names, email addresses, and member point balances were exposed. Citi warned customers via Twitter about the incident. Epsilon disclosed the breach late Friday.

[image credit: alertsec]

Trackbacks

  1. [...] fairly common due to its relative ease, since all the hackers need is your name and email address. Epsilon’s recent data breach was a great example of the possibility of phishing. Their network was hacked [...]

  2. [...] Epsilon’s recent data breach was a great example of the possibility of phishing. Their network was hacked into and thousands of names and email addresses were exposed, making thousands of people vulnerable to phishing attempts. [...]

  3. [...] This is a real concern and the phishing has commenced, but some people are really taking it too far. One report speculates that  “You might, for instance, receive a message from Brookstone about a special offer addressed to… [...]

  4. [...] recent data breach suffered by Epsilon is a great example of how phishing can occur. The people that hacked Epsilon’s network [...]

  5. [...] recent data breach suffered by Epsilon is a perfect example of how phishing can occur. The people that hacked Epsilon’s network [...]

  6. [...] works for more than 2500 brands and sends more than 40 billion emails a year on their behalf (that’s how they got your [...]

  7. […] one of the largest data breaches of its kind, Epsilon was hacked in March of 2011. Epsilon handles over 40 billion emails annually […]

  8. […] recent breach of Epsilon was a prime example. Thousands of names and email addresses were exposed and the companies affected […]