04 Apr 2011
Email marketing firm Epsilon has suffered a cyber attack, potentially losing the personal details of millions of banking customers worldwide.
Epsilon provides email marketing for many major banks including Citibank, JP Morgan and Capital One.
In a statement on its web site, the marketing firm said that sensitive financial information was not lost.
"An incident was detected where a subset of Epsilon clients' customer data was exposed by an unauthorised entry into Epsilon's email system. The information that was obtained was limited to email addresses and/or customer names only," it stated.
Epsilon sends out more than 40 billion marketing emails annually for its clients.
This follows a similar, recent breach at retailer Play.com, which blamed its email marketing partner Silverpop for the data loss, saying:
"We believe [the breach] may be related to irregular activity that was identified in December 2010 at our email service provider, Silverpop. Investigations at the time showed no evidence that any of our customer email addresses had been downloaded."
Security expert Brian Krebs said that many email service providers have suffered breaches in recent months, in what appears to be a targeted series of attacks.
"My initial reporting on this attack against the email service provider industry indicates that most of the providers in the industry had client customer data stolen. I am left wondering how long we have to keep watching this stream of disclosures trickle out, and how long it might take for email service providers like Silverpop to get their houses in order," he added.
This breach is remarkable because of the number of companies and customers it affects, but realistically, it would have been much worse had credit card numbers, social security numbers or other similar types of high-value personal information been compromised. The biggest potential issue this may cause is an increased level of spam and phishing attacks for those whose names and email addresses were hacked, requiring extra vigilance on the part of those who were affected. However, this type of incident should not be taken lightly. It’s another reminder that privacy is an illusion on the internet.
Posted by: Alex Eckelberry, general manager of the Security Business Unit, GFI Software 05 Apr 2011
Have your say on this article
Newsletters
Latest stories from Hacking
You may also like
Hacking jobs
Technology Patent Wars
Case studies from large organisations across all sectors
... And rich media, and flexible working, and peaks in traffic ...
Upcoming Events
Join us for this Computing web seminar, in which the Head of BI at the Co-operative Group Nick Colebourn will be explaining just how he reigned in the Group’s sprawling database estate and how significant savings were realised and data quality improved as a result.
Date: 31 May 2012
Time: 11:00 AM
Live June 13th 11:00am: Register now. During this web seminar we will be looking at the sorts of incidents that can bring data centres grinding to a halt and what can be done about them.
Date: 13 Jun 2012
Time: 11:00 am
Receive the latest jobs direct to your inbox
Are you being paid what you are worth?
