Slashdot Mirror

← Back to Stories (view on slashdot.org)

Epsilon Breach Used Four-month-old Attack

Posted by CmdrTaco on from the way-to-go-guys dept.

schliz writes "Marketing giant Epsilon knew that it was vulnerable to an attack for 'some months' before suffering a high-profile breach last week. According to Epsilon's technology partner ReturnPath, the breach was part of a series of socially engineered attacks discovered in November."

3 of 48 comments (clear)

  1. Stupid by The+Grim+Reefer2 · · Score: 4, Insightful

    Why aren't there more laws to fine the hell out of companies like this when they are grossly negligent. This is their business, they should know better.

  2. Proving once again by jayhawk88 · · Score: 4, Insightful

    That users are children. They lie, they don't listen, they ignore your advice, they actively look for ways to get around the measures you put in place for their benefit, and at the end of the day, when the users have done something galactically stupid, IT'S ALL YOUR FAULT!

    Your users are children. Treat them as such.

  3. It was your fault, after all by Toe,+The · · Score: 5, Insightful

    The letters from Chase and Citi, both say effectively: "your data was stolen, here's what you should do to protect your data." They then go into a litany of minor data hygiene practices, failing to point out they themselves did not vet their vendor's security practices. There is no claim of culpability for bad security policy nor any indication that they will try to do better in the future. In other words, no reason why you should trust them with your data (and this response is sadly commonplace).