Epsilon, the world’s largest provider of permission-based email marketing, has suffered a huge data breach. That means hackers may have swiped customer data belonging to the world’s biggest brands.
Epsilon sends more than 40 billion emails a year on behalf of 2,500 brands. Security Week said the breach has affected a number of those brands, including grocery retailer Kroger, TiVo, Marriott Rewards, Ritz-Carlton Rewards, US Bank, JPMorgan Chase, Capital One, Citi, McKinsey & Company, New York & Company, Brookstone, and Walgreens.
At first, the breach was believed to have affected only Kroger. But more and more companies have been confirming that they have had their data stolen as well. Epsilon builds and hosts customer databases for brands, making it a prime target for hackers. In many cases, the data lost is simply someone’s email address. But Security Week says that’s all that a hacker needs to try a targeted phishing attack against the customer, who will expect to have communication from these brands. You might, for instance, receive a message from Brookstone about a special offer addressed to your name. But it may be carrying a virus that exposes you to data theft if you simply open the email. These kinds of phishing attacks are likely to have a higher success rate.
Marriott Rewards and Ritz Carlton Rewards told SecurityWeek that their customer names, email addresses, and member point balances were exposed. Citi warned customers via Twitter about the incident. Epsilon disclosed the breach late Friday.
[image credit: alertsec]
VentureBeat is creating an index of the most exciting cloud-based services for developers. Take a look at our initial suggestions and complete the survey to help us build a definitive index. We’ll publish the official index later this month, and for those who fill out surveys, we’ll send you an expanded report free of charge. Speak with the analyst who put this survey together to get more in-depth information, inquire within.