Brian Krebs writes:
McDonald’s and Walgreens this week revealed that data breaches at partner marketing firms had exposed customer information. There has been a great deal of media coverage treating these and other similar cases as isolated incidents, but all signs indicate they are directly tied to a spate of “spear phishing” attacks against e-mail marketing firms that have siphoned customer data from more than 100 companies in the past few months.
On Nov. 24, I published an investigative piece that said criminals were conducting complex, targeted e-mail attacks against employees at more than 100 e-mail service providers (ESPs) over the past several months in a bid to hijack computers at companies that market directly to customers of some of the world’s largest corporations.
Read more on KrebsonSecurity.com.