Epsilon accounts for a staggering 40 billion emails per year. It's the world's largest email marketing firm. It includes such clients as JP Morgan, Air Miles, and Victoria-based AbeBooks. And now it is involved in a security breach that is seeing millions of consumers in the U.S. and Canada afflicted by dangerous spam mail.
QuothGillian Shaw in The Vancouver Sun:
Security experts are warning email users to be especially vigilant against spam emails that could result from the breach as hackers take advantage of the customer lists to trick unwary recipients into sharing personal data or exposing their computers to viruses.
Epsilon said that only 2 percent of its users had their name and email stolen. But that could add up to a very large number of users — surely in the millions — as Epsilon handles email marketing services for more than 2,500 companies. The problem is that cyber criminals can now use those email lists to send phishing attacks — with personalized messages from brands that consumers do business with — that could be much more effective than random email spam. The company says a full investigation is underway.
Security blogger Brian Krebs has compiled a list of all the companies known to have been affected so far:
1800-Flowers, Abe Books, American Express, Ameriprise Financial, Barclays Bank of Delaware, Bebe Stores Inc., Benefit Cosmetics, BestBuy, Brookstone, Capital One, Citibank, City Market, The College Board, Dillons, Disney Vacations, Eddie Bauer, Food 4 Less, Fred Meyer, Fry’s, Hilton Honors, The Home Shopping Network, Jay C, JP Morgan Chase, King Soopers, Kroger, LL Bean, Marriott Rewards, McKinsey Quarterly, New York & Co., QFC, Ralphs, Red Roof Inns Inc., Ritz Carlton, Robert Half, Smith Brands, Target, TD Ameritrade, TiVo, US Bank, Visa, and Walgreens.
Epsllon is going to need some savvy PR to wiggle out of this one. For now, err on the cautious side when it comes to your inbox.