Epsilon, 1-800-FLOWERS.COM EMAIL BREACH
April 5, 2011 2 Comments
Recently, a company called Epsilon, which sends billions of emails a year for its clients, had a breach of security which has allowed hackers access to names and email addresses of customers. Epsilon has not disclosed the entire list of companies that are affected, however I did get an email from 1-800-FLOWERS.com advising me that my email is among those affected. They also “regret” any inconvenience this may cause. Yes, I am sure they do.
Epsilon, in a public statement, which can be read here, says that only 2% of its total clients are affected. Well ain’t that nice.
While Epsilon is not saying which companies are affected, news media and blogs are starting to compile lists. This list comes from COMPUTERWORLD, which states that about 50 companies are known to be affected so far. Here are some…
AbeBooks
Barclays Bank
Best Buy
Citibank
Disney Destinations
JP Morgan Chase
Kroger
Lacoste
McKinsey Quarterly
Robert Half
Target
Tivo
US Bank
Walgreens
We can add 1-800 FLOWERS to the list. Here is the text of the email they sent me:
Dear 1800Flowers.com Customer:
One of our email service providers, Epsilon, has informed us that we
are among a group of companies affected by a data breach that may
have exposed your email address to unauthorized third parties.
It’s important to know that this incident did not
involve other account or personally identifiable information.
We use permission-based email service providers such as Epsilon
to help us manage email communications to our customers.
We take your privacy very seriously and we work diligently to ensure
your private information is always protected. Epsilon has assured
us that no private information, other than your email address,
was involved in the incident. We regret any inconvenience
that this may cause you.
Because of this incident, we advise you to be extremely cautious
before opening emails from senders you do not recognize.
We thank you for your understanding in this matter.
Sincerely,
Bibi Brown
Director, Customer Service
Wouldn’t be nice if Epsilon would just come clean and tell us who else is affected?
Related Articles
- The Epsilon data breach affected millions – so what happens next? (thetechherald.com)
- Epsilon Data Breach: Millions of Email Addresses Exposed (sendblaster.com)
About Jason R. Raines
Eagle Watch
jimsweb.net
WSRP BLOG
I can confirm JP Morgan Chase…below is an excerpt from an email I received from them yesterday:
Chase is letting our customers know that we have been informed by Epsilon, a vendor we use to send e-mails, that an unauthorized person outside Epsilon accessed files that included e-mail addresses of some Chase customers. We have a team at Epsilon investigating and we are confident that the information that was retrieved included some Chase customer e-mail addresses, but did not include any customer account or financial information. Based on everything we know, your accounts and confidential information remain secure. As always, we are advising our customers of everything we know as we know it, and will keep you informed on what impact, if any, this will have on you.
We apologize if this causes you any inconvenience. We want to remind you that Chase will never ask for your personal information or login credentials in an e-mail. As always, be cautious if you receive e-mails asking for your personal information and be on the lookout for unwanted spam. It is not Chase’s practice to request personal information by e-mail.
Thanks Jim,
It is fascinating to me that so many millions of people are affected by this.