Slashdot Mirror

← Back to Stories (view on slashdot.org)

Epsilon Breach Used Four-month-old Attack

Posted by CmdrTaco on from the way-to-go-guys dept.

schliz writes "Marketing giant Epsilon knew that it was vulnerable to an attack for 'some months' before suffering a high-profile breach last week. According to Epsilon's technology partner ReturnPath, the breach was part of a series of socially engineered attacks discovered in November."

8 of 48 comments (clear)

  1. Stupid by The+Grim+Reefer2 · · Score: 4, Insightful

    Why aren't there more laws to fine the hell out of companies like this when they are grossly negligent. This is their business, they should know better.

    1. Re:Stupid by fuzzyfuzzyfungus · · Score: 4, Funny

      Arguably, their management team should be given a life-sentence of manually deleting penis-pill spam using the 'Incredimail' client on a virus-riddled WinME box with inadequate RAM and AOL dialup.

      The rest of the company can be sold for scrap, and their mailing lists tossed into the nearest smelter.

    2. Re:Stupid by WrongSizeGlass · · Score: 5, Interesting

      Why aren't there more laws to fine the hell out of companies like this when they are grossly negligent. This is their business, they should know better.

      I'm guessing that there aren't more laws because legislators don't know shit about data & security so when they try to enact laws about these things they miss the mark by being too lax, too broadly defined or they just don't get it at all. Massachusetts seems to get it and recently handed down their first penalties.

  2. Proving once again by jayhawk88 · · Score: 4, Insightful

    That users are children. They lie, they don't listen, they ignore your advice, they actively look for ways to get around the measures you put in place for their benefit, and at the end of the day, when the users have done something galactically stupid, IT'S ALL YOUR FAULT!

    Your users are children. Treat them as such.

  3. Vulnerable by haystor · · Score: 5, Funny

    Epsilon has always been vulnerable to attack by some smaller value of x.

    --
    t
  4. It was your fault, after all by Toe,+The · · Score: 5, Insightful

    The letters from Chase and Citi, both say effectively: "your data was stolen, here's what you should do to protect your data." They then go into a litany of minor data hygiene practices, failing to point out they themselves did not vet their vendor's security practices. There is no claim of culpability for bad security policy nor any indication that they will try to do better in the future. In other words, no reason why you should trust them with your data (and this response is sadly commonplace).

  5. Re:Good News / Bad News by Toe,+The · · Score: 5, Funny

    Beloved,

    It is welcome that you took this forward action to pervert critical contanimation of your most personal datas by submitting to computerscan with fantastic quick.

    Please be noted that Bank of Armerca is not changed to Russia. Is only important and extremely trusted vender who is making home inside of beautiful Mother Russia. This vender is to be deeply trusted by you very much and often. Examine the emails addressing on this emails and be aware that it comes from Bank of Armerca. Also to see the Bank of Armerca logo is on this emails, so you know it is very trust.

    Greetings,

    Ivan Petrovitch
    Bank of Armerca President
    snerksky772@hotmail.com

  6. I work for... by holmedog · · Score: 5, Interesting

    A direct competitor for Epsilon and I can say that everyone in our business (Epsilon included) has security measures in place to stop these kinds of things. Problem is, everyone at these types of companies are people. We might have millions invested in keeping data safe, but when you pay someone $10/hr to flip tapes in the data warehouse, you're still taking a risk that person might be doing something stupid in the interim. The simple fact is, data warehousing happens because it is cost efficient for companies to pay us to do it. That cost savings is seen by the consumer in the rates being knocked down for services. Why do you think you can get insurance so cheap? (well, here goes my karma...)