• Search Blog Archives

  • Recent Posts

  • Archives

  • Categories

  • Websense

  • Security Sites

Follow us: 
Like us on Facebook Follow us on Twitter Visit us on YouTube Follow us on LinkedIn

Epsilon Data Breach
Posted: 04 Apr 2011 09:25 AM

On Friday 1 April 2011, Epsilon, a marketing services firm, notified their customers of "unauthorised entry into email system".  Their press release can be seen here.

 

 

The press release advises that the information stolen during the attack included only customer email addresses and customer names and didn't include any other personal or financial information. In the wrong hands, however, even this limited amount of information can have consequences for those to whom the data pertains.  We shall explore some typical scenarios below.

 

What does this mean to Epsilon's customers?

Many well-known brands in the hotel and leisure, entertainment, and retail industries (to name but a few) use Epsilon's services to send marketing emails to their customer base.  It would appear that the list of customer contacts were the very information that was stolen, and we are starting to see that affected businesses are advising their customers of the issue.  We commend them for doing so.

 

What does this mean to you as a customer of one of Epsilon's clients?

It has been proven that attackers have better success rates when they know more about the victims they are targeting. In these cases, the attackers may use knowledge around the inclusion into one or many of these services to lure them. Additionally lures may include details that use this event to entice users. So it's very likely that we will see spear-phishing attacks sent to these email addresses; spam/malicious emails where the language and layout is very targeted to the victim. An attacker with this information might for example know which hotel chain you prefer, which bank you use and your favorite electronic store.


 
In addition, attackers may use this breach to gain other pieces of valuable information from the victims such as: bank details, passwords for accounts, and other sensitive pieces of information by creating very specific and targeted emails.


 
Our ThreatSeeker® Network is scanning for attacks in the wild that are using the stolen data to lure victims, and we will update this blog when we find these attacks.

 

Brian Krebs has a timeline of when companies disclosed this data breach at his website Krebsonsecurity.  A number of high-profile global clients have been affected.

Filed under: , ,

Carl Leonard

1 comment(s)

Comments

  Mike Collart said on Wednesday, April 06, 2011 8:35 AM

I was notified by Tivo that my info was compromised.

It seems to me that Tivo should be required to purchase insurance for me to protect me from spammers who may misuse this info.  This has been done in the past by other companies.  Why hasen't Tivo offered this protection due to their subcontractors' negligence?



Leave a Comment

(required) 

Email address: (required) 
 
  
 


©2013 Websense, Inc. All Rights Reserved.