Epsilon Email Break-In... Updated List of Affected Companies
It comes as no surprise that a lot of people and businesses have been affected by the Epsilon break-in.
What may be a surprise to some is the breadth of the affected industries. In our previous blog on the Epsilon break-in, I said,
It's just about every type of business imaginable, and chances are very, very, very high you've dealt with at least one of these companies.
Given the growing size of the list, that looks more true than ever. Take a look at the list below.
If you have an account with one of these banks or have shopped with one of these retailers/e-tailers, you're more susceptible to a highly targeted spear-phishing attack.
They know your name and email address, and they know the banks, credit card companies, and other financial institutions you deal with. They know where you've shopped.
You, like me, are a prime target for someone looking to contact you by email and trick you into giving up your highly confidential information or steal from you. It's a fact. Because they know more about you, it's much, much easier to gain your trust.
Today, I came across this updated list of companies affected by the Epsilon Breach at CAUSE.org (The Coalition Against Unsolicited Commercial Email). [Thanks to CAUSE.org for doing the tremendous leg work to put this list together.]
|Retailers / e-Tailers|
For the companies involved, there's no shame in my opinion. They put their trust in a company with, at that point, an excellent record for systems and information security.
It just so happens that even with that, someone (or more likely a group) broke into their systems and stole the data Epsilon had been recording, storing, and using on their customers' behalves.
Is Epsilon to blame, definitely, but I don't feel the companies are. Outsourcing to what you believe is a competent third party is often not just a good but actually the best business decision.
It really doesn't make sense for most companies to spend the time and resources to devote to something as mundane as email address collection and marketing. It really doesn't.
No matter how good each individual company's staff gets, because of the scale of Epsilon's operations, they see more, and so they're more likely to make the right decisions about security.
What this really boils down to is a question of personal responsibility. Each of us, as individual consumers and businesses, need to be smart about what we do with our information and what to do when we're contacted.
That means thinking before you click. Thinking before you type. And thinking before you hit "submit" on a form.
And it also means keeping your PC patched and your antivirus software up to date, too. Together, being smart about what you do online and keeping your PC secure can be just the difference between being safe and being someone's identity theft prey.
The comments to this entry are closed.