What You Should Know about the Epsilon Security Breach

April 06, 2011
A security breach of historic proportions recently resulted in the theft of millions of e-mail addresses and other personal information, and the Better Business Bureau (BBB) Serving Mississippi is warning consumers to be on the lookout for the aftershocks.

Over the weekend, marketing giant Epsilon notified its high-profile customers that it was the victim of a data breach, affecting millions of consumers who shop at stores like Walgreens and Kroger.

“So far, BBB personnel have received email messages from Kroger, Walgreens, Marriott, Chase and others warning that their personal information could be compromised,” said BBB President Bill Moak. “So far, it appears that only names and email addresses were compromised by the hack, and that those were the only types of information accessed by the thieves.”

However, Moak warns that it’s likely that information obtained during the breach could be used in phishing attacks designed to scare customers into divulging personal and financial information.
 If your bank, credit card lender, or favorite retailer is an Epsilon customer, you need to keep an eye on your email and a tight grip on your personal information. The same goes for parents and students signed-up with The College Board for prep tests and help with their college search.

So far, no one has released an exact number of how many consumers are at risk. On its Web site, Epsilon states, “We are the world’s largest permission-based email marketing provider, sending over 40 billion emails annually.” In a press release, Reuters claimed this “…could be one of the biggest such breaches in U.S. history…”

BBB Tips to Avoid Phishing

  • Beware of any email asking for personal, financial or account information. Legitimate companies you rely on for your online shopping, financial needs and college tests will not request this information – they already have it.
  • Do not open any attachments. Attachments may contain malicious code that will infect your computer.
  • Do not click on any links. If you want to communicate with the business use your favorite search engine to find their Web site and/or contact information. Do not trust the information provided in the email.
  • Never provide your User ID or password in an e-mail.
  • Watch for strange emails from family/friends. Hackers sometimes use stolen information to pose as someone in your address book.
  • Make sure your computer’s spyware, spam filter and virus protection are up to date.