Massive Security Breach hits the Epsilon Database; compromises Customers’ Personal Details of Several Companies
World’s largest permission-based E-mail Marketing Service Company that serves TiVo users and many more has compromised the users email and some other personal details. Epsilon reported breach in its security Friday. Epsilon is the company that sends 40 billion emails each year for more than 2,500 clients.
According to reports, the companies that has been affected by massive security breach include TiVo, US Bank, JPMorgan Chase, Verizon, Capital One, Marriott Rewards, Ritz-Carlton Rewards, Citi, Brookstone, McKinsey & Co., New York & Co, Kroger and Walgreens.
More title of the companies have been coming out and Epsilon reportedly refused to provide the full list of comapnies that affected by breach. “On March 30th, an incident was detected where a subset of Epsilon clients’ customer data were exposed by an unauthorized entry into Epsilon’s email system,” Epsilon said in a statement on Friday. “The information that was obtained was limited to email addresses and/or customer names only.”
A Marriott Rewards & Ritz Carlton Rewards spokesperson told SecurityWeek that their customer names, email addresses, and member point balances were exposed:
“We recently discovered that one of our third parties’ computer systems was tampered with. Tampering with our systems by an unauthorized person or persons is an illegal act and we reported this incident to a law enforcement agency who is currently investigating this matter. The unauthorized person(s) had access to email addresses and member point balances. They did not have access to member addresses, account logins and passwords, credit card information or other personal data,” the spokesperson wrote in an email.
TiVo tried to sooth victims, saying the release of personal data “was limited to first name and/or email addresses only.”
Kroger sent out an email to customers letting them know that names and email addresses had been stolen, and to warn them that they may receive “phishing” emails as due to the Epsilon breach.
“As a result, it is possible you may receive some spam email messages,” Kroger said in the email. “We apologize for any inconvenience. Kroger wants to remind you not to open emails from senders you do not know. Also, Kroger would never ask you to email personal information such as credit card numbers or social security numbers. If you receive such a request, it did not come from Kroger and should be deleted”
It’s not sure whether any significant details such as Credit Card details were compromised by this breach. Companies may make more alerts on the hack soon.