DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Have you gotten a phishing phone call after the Epsilon breach? (updated)

Posted on April 6, 2011 by Dissent

I received the following email from a blog reader this morning:

FYI I have received 3 phishing emails in the last 12 hours including emails purportedly from Charter, Walgreens, and Citibank; of special interest however is the fact that I received a phone call on my home phone and the ID listed the caller as ‘Hilton.’ I was not expecting a call from Hilton, and there is no reason for HIlton to call me. When I answered the phone, the caller simply hung up.

Is it possible that the Epsilon breach also included some phone numbers?

Thank you.

Has anyone else gotten any suspicious phone calls like that after finding out that their name and email address were involved in the Epsilon breach? You can use the Comments section below, but more importantly, if you do get a phishing attempt, let the Secret Service know: [email protected]

Update: In a comment to this post, Neil Schwartzman appropriately points out that some phishing attempts may be opportunistic.  I followed up with the original correspondent, and his response is a great example of how confusing this can all be for consumers:

I did not receive an email from Hilton ‘confirming’ a breach of my info, but I do not believe in coincidence and there was no reason for me to get a call from Hilton. I do have accounts with Hilton and noticed their name on your website list of companies involved.

To be honest with you, how can we know that the so-called notices of possible breach are not phishing emails in and of themselves. I received three ‘notices of possible breach’ … Charter, Walgreen, and Citibank. All three notices came to us by way of an email address that we discontinued 3 years ago and no longer currently use in our dealings with the above companies; notices to that old address are still forwarded to us internally by our email provider (redacted). The Citibank email came with the ‘last four digits of (your) credit card.’ The numbers did not match any of our cards. When I checked with a Charter live-chat agent, he denied that the notice came from Charter and went so far as to say that Charter did not use Epsilon. All three notices of ‘possible breach’ came with live sites/icons in the body of the email. I have no intention to click on any of those live icons to find where they lead.

As far as I am concerned, any so-called ‘notice of possible breach’ should not contain a live icon or address at all! These ‘notices of possible breach’ could easily be ‘phishing’ in its most devious form.

Who to trust now????!!!!

Indeed. Perhaps one of the aftermaths of this breach will be that businesses are hurt because consumers become less likely to click on links in their promotional emails, fearing that they are phishing attempts/malware.

Category: Breach IncidentsCommentaries and Analyses

Post navigation

← Why unsubscribing from mail lists might not have protected you from the Epsilon breach
CORRECTED: When was Epsilon breached? →

3 thoughts on “Have you gotten a phishing phone call after the Epsilon breach? (updated)”

  1. Neil Schwartzman says:
    April 6, 2011 at 8:40 am

    Until there is verifiable spam sent to tightly-controlled tagged email addresses that appear ONLY on one of the purloined lists, this is speculation, at best, or possibly other opportunistic spammers capitalizing on the theft. I think the real fall-out has yet to be seen.

    1. admin says:
      April 6, 2011 at 9:04 am

      I agree it’s somewhat speculative, which is why I posed a question and asked what others are experiencing. Like you, I think we need to see vendor-specific (tagged) email addresses if we are to conclude that the spam or phishing is a result of the data breach.

      What do you think the real fall-out from this will be?

  2. Anonymous says:
    April 22, 2011 at 6:25 pm

    We are a customer of Charter Communications, and a few of the other companies that their data got compromised with the Epsilon hacking, and over the last two weeks, we have gotten at least 7 bogus phone calls with different types of “Sweepstakes” and “Survey Winner” scams. We are on the Do Not Call list also! I am curious, has other information other than the company associated with the email information been compromised and they are trying to cover up the fact that more information was leaked than stated?

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.