Massive Epsilon breach affects JPMorgan Chase, Capital One, US Bank and others
Posted on 04 April 2011.
Third-party firms that handle e-mail marketing for big companies and corporations have lately become a very desirable target for attackers, and the onslaught continues.

The recent breach has been tied to the attack that its marketing communications firm Silverpop - a company that services over 105 customers, among whom are Walgreens and McDonalds - suffered last December.

But the latest breach will likely have the biggest impact, because marketing services provider Epsilon - the largest one in the world - has notified its customers of a breach that likely compromised all of their mailing lists.

Among Epsilon's customers are US Bank, JPMorgan Chase, TiVo, Capital One, the Home Shopping Network, LL Bean Visa Card, Ritz-Carlton Rewards, Best Buy, Disney Destinations, Walgreens, and many more.

Epsilon has posted a short notification on their site saying: "On March 30th, an incident was detected where a subset of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway."

But, SecurityWeek says that apart from customer names and email addresses, other pieces of information have been compromised in a few cases.

The affected Epsilon customers have been warning their own users about the breach and reminding them to be careful of phishing emails misusing the collected information. Some sent emails, and others used their Twitter accounts to get the message across. Financial organizations like JPMorgan Chase, Capital One, Citi and others have especially made sure to warn their users as soon as possible.

Phishing campaigns using the stolen data have not yet been spotted.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th