Originally published on Thursday, April 07, 2011
Epsilon Email Breach — what was taken, how might this affect me and what can I do to be more safe?
Chances are your Name and Email address were compromised during a recent data breach of a company called Epsilon.
Epsilon is a marketing firm whose services include permission-based email marketing and they have been in the news over recent days about an email breach that was first noticed on March 31. Epsilon has the world’s largest email marketing service sending over 40 billion emails annually and counts over 2,500 name brand clients, including 7 of the Fortune 10 to build and host their customer databases.
What was taken in the Email Breach?
At some point prior to the March 31st discovery, Hackers were able to access Epsilon databases and copy the names and emails of potentially millions of email subscribers. While and the company says that information obtained by the hackers was limited to Names and Emails only, an exact number of how many is still not yet known. They also added that no other personal identifiable information like Phone Numbers, Home Addresses and more importantly Credit Card numbers and Social Security Numbers were at risk.
Given the brand names of the companies involved, chances are your Name and Email were on one, two, three or more of the compromised lists.
Here are just a few of the larger companies affected by the data breach: JPMorgan Chase, Capital One, Citi, Home Shopping Network, TD Ameritrade, Verizon, Walgreens, The College Board, Best Buy, Target, Scottrade, and more.
How might this affect me?
You may experience a surge in spam but the hacks biggest danger will come from Spearphishing attempts. Spearphishing is when hackers send an email pretending to be from a business or organization you may or may not be a customer of. The email looks valid because it targets you specifically by including your name and possibly other personal information in the email text.
DO NOT BE FOOLED!
Always keep an eye out for email from senders you don’t know or from ones that look to come from companies you’re a customer of but are asking for Personal Account or Financial information. Do not send ANY sensitive information
like credit card or banking info to “companies” via email or using a link in the email they sent to you. Doing so will give the hackers the additional information they were looking for about your accounts and/or your computer may be compromised with the installation of malware or viruses.
What can I do to be more safe?
Besides not clicking on any suspicious emails, the only way to be certain you are as secure as possible is to go the company website itself before entering any information. Always open a new browser window and go directly to the company homepage and then access your account info however they have it setup to do.
For more infomation about how to protect yourself from Email Spam, Phishing, and Spearphishing attemps, email us at firstname.lastname@example.org.