DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Epsilon breach used four-month-old attack

Posted on April 7, 2011 by Dissent

Brett Winterford writes:

… Today iTnews can reveal that Epsilon has been aware of the vulnerability behind this attack for some months.

In late November, Epsilon partner ReturnPath – which provides monitoring and authentication services to email service providers – warned customers about a series of coordinated phishing and hacking attacks levelled at the mailing list industry.

Neil Schwartzman, senior director of security strategy at Return Path’s ‘Email Intelligence Group’ warned its partners of “an organized, deliberate, and destructive attack clearly intent on gaining access to industry-grade email deployment systems”.

He said that the phishing attacks were targeted specifically at employees at email service providers that had specific access to email operations.

Read more on iTnews.  I note that Epsilon has not actually stated or confirmed the cause of the breach. That said, I suspect Neal’s right and I’m definitely not surprised to read this.

As a reminder, a Walgreens spokesperson had told DataBreaches.net that after the December breach that led to its notifying customers:

After the incident last year, Walgreens requested that Epsilon put a number additional security measures in place. Apparently, that expectation was not fully met.

Phishing attacks on ESPs like Epsilon are not new. There were breaches, and the threat was made publicly known. What did Epsilon do since they were made known? It seems evident that whatever they may have done, it wasn’t sufficient – assuming that this breach was of the same type as what we saw last year.

In 2008, we saw a rash of breaches in the hospitality sector when cybercriminals learned that many restaurants were using default configurations on their POS systems for customers’ credit or debit card payments. The industry spread the word – or tried to – about the need to disable remote desktop access unless absolutely necessary and to change their passwords and to limit access. There are still some breaches of this kind, but they have declined dramatically.

Now we have a rash of breaches involving ESPs. Will the Epsilon fiasco be the wakeup call for this industry? One would hope so, but before that happens, I fear we’re going to hear about more breaches – including some breaches that may have already occurred but not have been fully disclosed.

Related posts:

  • Was this Epsilon’s first breach – or its second? (update2)
  • And the hits just keep on coming for Epsilon
  • Alliance Data Provides Statement Surrounding Unauthorized Entry Incident at Epsilon Subsidiary
  • Former Epsilon Senior Executive and Sales Manager Both Sentenced for Selling Data on Millions of U.S. Consumers to Fraudsters
Category: Breach IncidentsCommentaries and Analyses

Post navigation

← Protecting a Sperm Donor's Privacy in the Digital Age
Former Emily Morgan hotel worker pleads guilty in massive theft case →

2 thoughts on “Epsilon breach used four-month-old attack”

  1. Neil Schwartzman says:
    April 7, 2011 at 6:13 pm

    They used 4-month old quotes to draw a causal link. This could just as easily be copycats exploiting another vector. We simply don’t know.

    1. admin says:
      April 7, 2011 at 6:19 pm

      Yep. It was Premature Reporting Disorder (PRD, coming soon to your next DSM or ICD) at the very least on iTnews’s part, as I have been pointing out all day in my blog entries. Brian Krebs has also been trying to alert people that what iTnews “revealed” was nothing that had been confirmed. Thanks for reiterating that point.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.