Massive Epsilon breach affects JPMorgan Chase, Capital One, US Bank and others
Posted on 04 April 2011.
Third-party firms that handle e-mail marketing for big companies and corporations have lately become a very desirable target for attackers, and the onslaught continues.

The recent Play.com breach has been tied to the attack that its marketing communications firm Silverpop - a company that services over 105 customers, among whom are Walgreens and McDonalds - suffered last December.


But the latest breach will likely have the biggest impact, because marketing services provider Epsilon - the largest one in the world - has notified its customers of a breach that likely compromised all of their mailing lists.

Among Epsilon's customers are US Bank, JPMorgan Chase, TiVo, Capital One, the Home Shopping Network, LL Bean Visa Card, Ritz-Carlton Rewards, Best Buy, Disney Destinations, Walgreens, and many more.

Epsilon has posted a short notification on their site saying: "On March 30th, an incident was detected where a subset of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway."

But, SecurityWeek says that apart from customer names and email addresses, other pieces of information have been compromised in a few cases.

The affected Epsilon customers have been warning their own users about the breach and reminding them to be careful of phishing emails misusing the collected information. Some sent emails, and others used their Twitter accounts to get the message across. Financial organizations like JPMorgan Chase, Capital One, Citi and others have especially made sure to warn their users as soon as possible.

Phishing campaigns using the stolen data have not yet been spotted.






Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //