Slashdot Mirror

← Back to Stories (view on slashdot.org)

Epsilon Data Breach Bigger Than Just Kroger Customers' Data

Posted by timothy on from the trade-loyalty-cards-and-email-addresses dept.

wiredmikey writes with an update to the previously reported Epsilon breach: "It turns out that Kroger is only one of many customers affected by the breach at Epsilon, which sends over 40 billion emails annually and counts over 2,500 clients, including 7 of the Fortune 10, to build and host their customer databases. It has been confirmed that the customer names and email addresses, and in a few cases other pieces of information, were compromised at several major brands, a list which continues to grow ..." An anonymous reader points out that U.S. Bank is on the list of affected companies; I wonder how many more phishing attempts this will mean.

2 of 115 comments (clear)

  1. collegeboard.com affected by patmandu · · Score: 5, Interesting

    Just got this email:

    CollegeBoard.com
    We have been informed by Epsilon, the vendor that sends email to you on our behalf, that your e-mail address may have been exposed by unauthorized entry into their system.

    Epsilon has assured us that the only information that may have been obtained was your first and last name and e-mail address. REST ASSURED THAT THIS VENDOR DID NOT HAVE ACCESS TO OTHER MORE SENSITIVE INFORMATION SUCH AS SOCIAL SECURITY NUMBER OR CREDIT CARD DATA.

    Please note, it is possible you may receive spam e-mail messages as a result. We want to urge you to be cautious when opening links or attachments from unknown third parties.

    In keeping with standard security practices, the College Board will never ask you to provide or confirm any information, including credit card numbers, unless you are on a secure College Board site.

    Epsilon has reported this incident to, and is working with, the appropriate authorities.

    We regret this has taken place and apologize for any inconvenience this may have caused you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.

    Sincerely,

    The College Board

  2. Only Names and Emails? by longacre · · Score: 4, Interesting

    Usually email marketing databases include a lot more than name and email. They can include identifying demographic info such as home address, sex, age, income, and more to allow for message targeting. Now it's possible that these guys only took names and emails as Kroger and US Bank have announced, but I wouldn't be surprised of Epsilon perhaps underplayed the severity of the breach to their clients.

    --
    Airplane Photos, Airline News, Planespotting Guides