11. April 2011 14:47
If you receive a strange email from your bank, do not click on it. It might not be who you think it is. Hackers managed to get a hold of millions of email address because they hacked Epsilon. Epsilon touts itself as the largest permission based marketing company in the world. Some of the companies affected by this include:JP Morgan Chase, US Bank, TiVo, Walgreen’s, Citigroup, Best Buy, Walgreen’s, and Kroger. Epsilon had this to say about the matter:
On March 30th, an incident was detected where a subset of Epsilon clients’ customer data were exposed by an unauthorized entry into Epsilon’s email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway.
TiVo sent this email to its customers:
We were advised by our email service provider that the information that was obtained was limited to first name and/or email addresses only. Your service and any other personally identifiable information were not at risk and remain secure. Please note, it is possible you may receive spam email messages as a result. We want to urge you to be cautious when opening links or attachments from unknown third parties. We regret this has taken place and apologize for any inconvenience this may have caused you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.
I suspect that there may be lots of phising emails sent as a result of this breach. If you get an email claiming to come from a company you do business with, do not assume that it is that company. Pay close attention to the email message. Does it address you by your name or use something generic like “Dear Customer”? If the greeting is generic, that is probably a red flag. Also if the email is asking you to verify account numbers or anything personal, do not click on the link included in the email. Instead, just type the company’s website in your browser and confirm everything that way. Epsilon said that only names and email addresses were stolen during this breach of security. Protect yourself from phishing by paying attention to the email messages that come through. Leave comments about this breach of security in the comment section below.