Epsilon, the world's largest email marketing firm, has been hacked.
It's time to ramp your inbox paranoia up another notch. Epsilon, the world's largest permission-based email marketing service, has just been hacked six ways from Sunday. A huge number of major corporate brands have had their mailing lists fall into the hands of net-dwelling ne’er-do-wells. What does this mean for you? Phishing attempts are about to get much more convincing.
Don't Miss: Win a FREE Nintendo Switch in our Giveaway
Several of the affected businesses are major financial institutions- JPMorgan, CitiBank, US Bank and Capital One. Folks tend to trust emails from their bank. Now phishers will be able to address these people by name, which may lead to a higher rate of return. CitiBank has already addressed the breach:
"Because e-mail addresses can be used for "phishing" attacks, we want to remind our customers that Citi uses an Email Security Zone in all our email to help them recognize that the email was sent by us. Customers should check the Email Security Zone to verify that email they have received is from Citi and reduce the risk of personal information being 'phished.'"
Other brands affected include Kroger, Walgreens, TiVO, The College Board, Brookstone and Ritz Carlton rewards. This story is still developing and Epsilon will likely release more names as the extent of the hack becomes clear. Epsilon's disclosure notes that no information besides customer email addresses and names was leaked, however "A full investigation is currently underway".
It's easy to trust an institution like The College Board with your personal information. But the sad fact is, you're never sharing your info with just one entity. All these major brands trust a third party- like Epsilon- to handle their email databases and mass marketing. While that's an efficient use of corporate resources, it can also lead to "Eggs in one basket" syndrome.
A company like Epsilon is the digital equivalent of a giant warehouse packed with valuable information. And one hole in their security is enough to compromise the private information of hundreds of thousands- if not millions, of people. Keep that in mind the next time you sign up for a mailing list.