Banking customer data stolen in marketing firm attack

Email marketing company Epsilon hacked, losing customer data from many of the world's largest banks

Email marketing firm Epsilon has suffered a cyber attack, potentially losing the personal details of millions of banking customers worldwide.

Epsilon provides email marketing for many major banks including Citibank, JP Morgan and Capital One.

In a statement on its web site, the marketing firm said that sensitive financial information was not lost.

"An incident was detected where a subset of Epsilon clients' customer data was exposed by an unauthorised entry into Epsilon's email system. The information that was obtained was limited to email addresses and/or customer names only," it stated.

Epsilon sends out more than 40 billion marketing emails annually for its clients.

This follows a similar, recent breach at retailer Play.com, which blamed its email marketing partner Silverpop for the data loss, saying:

"We believe [the breach] may be related to irregular activity that was identified in December 2010 at our email service provider, Silverpop. Investigations at the time showed no evidence that any of our customer email addresses had been downloaded."

Security expert Brian Krebs said that many email service providers have suffered breaches in recent months, in what appears to be a targeted series of attacks.

"My initial reporting on this attack against the email service provider industry indicates that most of the providers in the industry had client customer data stolen. I am left wondering how long we have to keep watching this stream of disclosures trickle out, and how long it might take for email service providers like Silverpop to get their houses in order," he added.