Sunday, April 3, 2011

Email-services firm reports data breach

Be careful opening any email from your banks or credit card issuers. Do not provide any private information over email unless you are absolutely sure you know the sender.

http://www.marketwatch.com/story/e-mail-services-firm-reports-data-breach-2011-04-03
Major financial-services, retail, hotel and other firms are affected
By Robert Daniel, MarketWatch

TEL AVIV (MarketWatch) – A data breach at the world’s largest provider of permission-based marketing-email services may have enabled unauthorized people to access the names and email addresses for customers of major financial-services, retailing and other companies, company statements and media reports say.

On April 1, Epsilon, the Dallas provider of email services for companies, said in a news release that on March 30, "A subset of Epsilon clients’ customer data [was] exposed by an unauthorized entry into Epsilon’s email system."

"The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway."

Companies including Walgreen Co., the Deerfield, Ill., drugstore chain; J.P. Morgan Chase & Co. and Capital One Financial Corp., the financial-services providers based in New York and McLean, Va., respectively; New York & Co., the New York apparel chain; and Kroger Co., the Cincinnati supermarket operator, said they were informed by Epsilon that files related to their customer bases might have been exposed.

SecurityWeek, which follows the Internet- and enterprise-security industry, reported that other companies affected by the breach included Citigroup and US Bancorp, the New York and Minneapolis financial-services firms, retailer Brookstone, consultants McKinsey & Co., the hotel chains Marriott International Inc. and Ritz-Carlton, and TiVo Inc., the Alviso, Calif., provider of digital-video-recording solutions.

A number of the companies warned their customers not to open email from unfamiliar senders and said that they don’t ask for personal information, like credit-card and Social Security numbers, via email.

On its website, Epsilon says that it employs more than 2,200 people worldwide and sends more than 40 billion emails annually on behalf of more than 2,500 clients, including 7of the top Fortune 10 companies. Epsilon is a subsidiary of Alliance Data Systems Corp., the Plano, Texas, provider of marketing solutions.

Robert Daniel is MarketWatch's Middle East bureau chief, based in Tel Aviv.