Massive data breach reported
Affected companies began notifying their customers over the weekend that hackers may have accessed their email addresses.
This post comes from Mark Huffman at partner site ConsumerAffairs.com.
In what could be the largest security breach in U.S. history, a virtual who's who of U.S. companies have begun notifying consumers that their names and email addresses, held in a vast database, may be been illegally accessed.
"On March 30th, an incident was detected where a subset of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system," the company said in a statement. "The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway."
Affected companies began notifying their customers over the weekend that hackers may have accessed their email addresses, though there appears to be no way the hackers can actually access the accounts themselves.
"Capital One has been informed that the compromised files did not include any personally identifiable or customer financial information," the credit card company said in a statement Sunday. "Capital One is actively investigating the incident and Epsilon is conducting its own comprehensive investigation in cooperation with the appropriate authorities."
While consumers often receive spam emails sent at random, security experts say the ability of scammers to put names with email addresses may make these phishing expeditions more effective.
"Customers are reminded to ignore emails asking for confidential account or login information and remember that familiar looking links in an email can redirect to a fraudulent site," Capital One said. "If you get an email that claims to be from us but you aren't sure, or you think it's suspicious, don't click any of the links."
In warning its customers, TiVo sought to reassure them that the information, if actually obtained by unauthorized personnel, would not compromise sensitive data.
"We were advised by Epsilon that the information that was obtained was limited to first name and/or email addresses only," Tivo said. "Epsilon does not have access to service information or credit card details and all such personally identifiable information remains secure."
Epsilon, a unit of Alliance Data Systems, sends out an estimated 40 billion email ads each year. Law enforcement authorities are said to be investigating how the breach occurred, and just how many names and email addresses might have been accessed.
More from ConsumerAffairs.com and MSN Money:
Copyright © 2014 Microsoft. All rights reserved.
ABOUT SMART SPENDING
LATEST BLOG POSTS
VIDEO ON MSN MONEY
BLOGS WE LIKE
MUST-SEE ON MSN
A charcuterie master shares his process for cold-smoking meat at home.
- Jetpacks about to go mainstream
- Weird things covered by home insurance
- Bing: 70 percent of adults report 'digital eye strain'