Over the past week there has been a lot of coverage in news about the recent Epsilon Email Breach. Epsilon is a Marketing Firm that services over 2500 clients, the list includes some pretty big names; Kroger, JPMorgan Chase, City Bank, US Bank, Home Shopping Network, and Mariott Rewards. On April 1st, Epsilon posted a Press Release stating that their systems had been compromised and that a subset of their clients’ customer data had been “exposed”. The press release, in an attempt I think to soften the blow, goes on to say that the only data that was obtained by the unauthorized user was Customer Names and Email Addresses.
What Does This Mean to You?
The average person will be connected to several of the Epsilon Clients that had their data breached. Immediately after receiving word from Epsilon that this data had been “exposed”, several companies started sending out emails to their customers letting them know about the breach. The general fear is that with Names and Email Addresses the hacker (or the person that he sells the data to) will be able to send out targeted Phishing emails. A victim is much more likely to actually open an email from a company, be it a chain store, bank or hotel, that he or she has some ties to. My wife received emails from Target and US Bank warning her to be careful of potential Phishing schemes that were sure to start arriving at any time.
What Should I Do?
There are a couple of basic rules to follow when it comes to watching out for Phishing emails.
#1 – The number one rule, is to make sure you know who it is that emailed you. If you aren’t sure the email is authentic you can always call the person or company to confirm it.
#2 – Don’t click on links in emails that ask for your personal information. Banks, Stores, Hotels, etc., will never ask you for this type of thing in a random email. It just doesn’t happen. When in doubt, see rule number one.
#3 – Only open email attachments if you know what they contain. Again, see rule number one.
#4 – If you receive a Phishing email, let someone know about it. The US Goverment has a site for reporting Phishing Scams, you should email or contact the company that the Phishing email was impersonating, and you should find someone with some technical knowledge to look over your computer to make sure you haven’t picked up any spyware.
The Epsilon Breach was a pretty big deal, but it could have been a lot worse. They are continuing to investigate, but to be honest, they probably won’t find the person behind the attack. In their latest Press Release they remind people to continue to be vigilant.
I hope this helps someone out, leave your comments below.
Dennis Edmondson Jr
Computing Concepts LLC
