From the press release: The Information and Privacy Commissioner of Alberta, Frank Work issued his decisions today in regard to Best Buy Canada Ltd., and Air Miles Reward Program’s breach incident reports involving unauthorized access to personal information. Amendments to the Personal Information Protection Act (PIPA) require organizations to report incidents where there exists a…
Search Results for: Epsilon
Epsilon pledges to build ‘Fort Knox’ around breached system
Grant Gross reports: E-mail marketing giant Epsilon will build an industry-leading security system in response to a March 30 breach in which thieves gained access to the e-mail addresses and names of partner’s customers, the CEO of Epsilon’s parent company said Thursday. Epsilon had “very strong” security measures in place before the breach, but additional…
GSK involved in Epsilon breach; context raises concerns
The Epsilon breach, covered extensively on DataBreaches.net, just got worse. Yesterday, 12 days after they were notified of the breach by Epsilon, GlaxoSmithKline sent out notifications. Emphasis added by me, below: From: “[email protected]” <[email protected]> Date: April 16, 2011 1:30:36 PM EDT To: [redacted] Subject: An Important Message from GSK Consumer Healthcare Reply-To: “[email protected]” Dear GlaxoSmithKline…
Readers question whether Epsilon breach was really names and email addresses only (updated to include response from Epsilon)
From comments under another blog entry, it seems clear that a lot of people are not believing Epsilon’s assurance that the breach involved names and email addresses only. I received the following email, which I am reproducing except for redacting the name of the sender and the name of the Epsilon employee and their phone…
The Epsilon Hack Attack: Time For “SOX For Consumers”?
Matt Pauker of Voltage Security discusses the Epsilon breach and where we go from here. He writes, in part: What about requiring every third-party service provider to protect personal customer data through encryption, tokenization or another advanced security technology, through clauses written into and enforced as part of standard service level agreements? This is something…
Who should be notifying consumers about the Epsilon breach?
Senator Richard Blumenthal, a staunch consumer privacy advocate, has said that Epsilon should be notifying every consumer whose data were involved in the recent humongous breach. You can read his entire letter to Attorney General Eric Holder requesting an investigation on his web site, but here’s part of what he wrote: I believe that immediate…