Epsilon Breach Exposes Countless Consumers
DATA LOSS—U.S.April 4, 2011
The world's largest provider of permission-based e-mail marketing, Epsilon, has announced that a hacker gained access to some of its files, exposing multiple companies' consumer data in what The Economic Times says "could be one of the biggest such breaches in U.S. history." Epsilon serves a wide range of companies including supermarket chain Kroger; banks including U.S. Bank, Capital One Financial Corp and Citigroup; retail stores including Best Buy, Walgreens, LL Bean and Brookstone, and hotel chains including Marriott International, all of which have notified customers that their e-mail addresses, names and, in some cases, other information were compromised in the breach. Epsilon has said no data other than names and e-mail addresses were compromised, but authorities and some companies are conducting their own investigations into the breach. A Security Week article stresses that while some "may dismiss the type of data harvested as a minor threat," such access to customer e-mail lists "opens the opportunity for targeted phishing attacks to customers who expect communications from these brands."