A massive breach at Epsilon, the world's largest permission based e-mail marketing service company, has occured according to a report by Mike Lennon at SecurityWeek.com. While initially the breach had affected Kroger, the large grocery retailer, it turns out that Kroger is only one of many Epsilon customers affected. When the breach was discovered, Kroger immediately sent out e-mails to their customers warning them of possible phishing scam attempts. Citi warned their customers on Twitter.

SecurityWeek has been able to confirm that customer names and e-mail addresses, and in a few cases other pieces of information, were compromised at several major brands in addition to Kroger including: Ameriprise Financial, Best Buy, Brookstone, Capital One, Citi, Disney Destinations, Home Shopping Network, JPMorgan Chase, LL Bean Visa Card, Marriott Rewards, McKinsey & Company, New York & Company, Ritz-Carlton Rewards, The College Board, TiVo, US Bank and Walgreens. Apparently, when asked to comment by SecurityWeek, Epsilon refused to provide additional details on what other brands may have been affected.

Because e-mail addresses are used for phishing attacks, people should verify that the e-mails are authentic before revealing personal information requested. Contacting the company allegedly making the request by directly going to their website for verification may be the safest way to deal with the request. And obviously this does not mean using a link provided in the e-mail.

Go Back