Jaikumar Vijayan follows up on the news story by iTnews, mentioned earlier today, which reported that the Epsilon attack was a spear-phishing attack that resulted in the downloading of malware. Jai makes a point of noting, however, that there’s no proof or confirmation yet from Epsilon that this was a spear-phishing attack. As I commented earlier today,…
Category: Commentaries and Analyses
Epsilon breach used four-month-old attack
Brett Winterford writes: … Today iTnews can reveal that Epsilon has been aware of the vulnerability behind this attack for some months. In late November, Epsilon partner ReturnPath – which provides monitoring and authentication services to email service providers – warned customers about a series of coordinated phishing and hacking attacks levelled at the mailing…
Have you gotten a phishing phone call after the Epsilon breach? (updated)
I received the following email from a blog reader this morning: FYI I have received 3 phishing emails in the last 12 hours including emails purportedly from Charter, Walgreens, and Citibank; of special interest however is the fact that I received a phone call on my home phone and the ID listed the caller as…
Why unsubscribing from mail lists might not have protected you from the Epsilon breach
Back in December 2010, when Walgreens sent out its first breach notifications, one of the troubling aspects was that despite the fact that consumers had unsubscribed from their mailings, their data had been retained. The December 2010 notification email read, in part: We realize you previously unsubscribed from promotional emails from Walgreens, and that will continue….
UK: Lancashire Police officers dismissed for breaching data laws
The residents of Lancashire, like most people in Britain, hope that the police are there to protect them. So they will be shocked and disappointed today to find out that dozens of police have been using police equipment to spy on their partners and neighbours for the last three years. There were a total of…
Failure to encrypt portable devices inexcusable, say analysts
Following the report earlier this week that a laptop containing 13,000 BP claimants’ personal data was missing, Jaikumar Vijayan reports that data breaches involving unencrypted laptops and portable drives continues at inexcusably high rates: The company is only the latest in a long list of organizations that have made similar announcements over the past several…