Slashdot Mirror


Epsilon Breach Used Four-month-old Attack

schliz writes "Marketing giant Epsilon knew that it was vulnerable to an attack for 'some months' before suffering a high-profile breach last week. According to Epsilon's technology partner ReturnPath, the breach was part of a series of socially engineered attacks discovered in November."

2 of 48 comments (clear)

  1. Re:Stupid by WrongSizeGlass · · Score: 5, Interesting

    Why aren't there more laws to fine the hell out of companies like this when they are grossly negligent. This is their business, they should know better.

    I'm guessing that there aren't more laws because legislators don't know shit about data & security so when they try to enact laws about these things they miss the mark by being too lax, too broadly defined or they just don't get it at all. Massachusetts seems to get it and recently handed down their first penalties.

  2. I work for... by holmedog · · Score: 5, Interesting

    A direct competitor for Epsilon and I can say that everyone in our business (Epsilon included) has security measures in place to stop these kinds of things. Problem is, everyone at these types of companies are people. We might have millions invested in keeping data safe, but when you pay someone $10/hr to flip tapes in the data warehouse, you're still taking a risk that person might be doing something stupid in the interim. The simple fact is, data warehousing happens because it is cost efficient for companies to pay us to do it. That cost savings is seen by the consumer in the rates being knocked down for services. Why do you think you can get insurance so cheap? (well, here goes my karma...)