Grant Gross reports: E-mail marketing giant Epsilon will build an industry-leading security system in response to a March 30 breach in which thieves gained access to the e-mail addresses and names of partner’s customers, the CEO of Epsilon’s parent company said Thursday. Epsilon had “very strong” security measures in place before the breach, but additional…
Search Results for: Epsilon
GSK involved in Epsilon breach; context raises concerns
The Epsilon breach, covered extensively on DataBreaches.net, just got worse. Yesterday, 12 days after they were notified of the breach by Epsilon, GlaxoSmithKline sent out notifications. Emphasis added by me, below: From: “gskconsumerhealthcare@e.gsk-answers.com” <gskconsumerhealthcare@e.gsk-answers.com> Date: April 16, 2011 1:30:36 PM EDT To: [redacted] Subject: An Important Message from GSK Consumer Healthcare Reply-To: “gskconsumerhealthcare@e.gsk-answers.com” Dear GlaxoSmithKline…
Readers question whether Epsilon breach was really names and email addresses only (updated to include response from Epsilon)
From comments under another blog entry, it seems clear that a lot of people are not believing Epsilon’s assurance that the breach involved names and email addresses only. I received the following email, which I am reproducing except for redacting the name of the sender and the name of the Epsilon employee and their phone…
The Epsilon Hack Attack: Time For “SOX For Consumers”?
Matt Pauker of Voltage Security discusses the Epsilon breach and where we go from here. He writes, in part: What about requiring every third-party service provider to protect personal customer data through encryption, tokenization or another advanced security technology, through clauses written into and enforced as part of standard service level agreements? This is something…
Who should be notifying consumers about the Epsilon breach?
Senator Richard Blumenthal, a staunch consumer privacy advocate, has said that Epsilon should be notifying every consumer whose data were involved in the recent humongous breach. You can read his entire letter to Attorney General Eric Holder requesting an investigation on his web site, but here’s part of what he wrote: I believe that immediate…
Epsilon a Victim of Spear-Phishing Attack, Says Report (update/correction)
Jaikumar Vijayan follows up on the news story by iTnews, mentioned earlier today, which reported that the Epsilon attack was a spear-phishing attack that resulted in the downloading of malware. Jai makes a point of noting, however, that there’s no proof or confirmation yet from Epsilon that this was a spear-phishing attack. As I commented earlier today,…