homepage Welcome to WebmasterWorld Guest from 50.17.86.12
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / WebmasterWorld / Ecommerce
Forum Library, Charter, Moderators: buckworks

Ecommerce Forum

    
More Retailers Warn of Security Breach
engine

WebmasterWorld Administrator engine us a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month Best Post Of The Month



 
Msg#: 4291834 posted 2:23 pm on Apr 4, 2011 (gmt 0)

More Retailers Warn of Security Breach [latimes.com]
Best Buy Co., TiVo Inc., and Walgreen Co. are the latest in a seemingly endless string of companies to warn over the weekend that hackers gained access to customers' files, including email addresses.

The companies all use the same marketing and communications vendor, Epsilon. It's a leading marketing services firm that sends more than 40 billion emails annually and has more than 2,500 clients including seven of the Fortune 10. Epsilon, based in Dallas, issued a brief statement on Friday saying "a full investigation was under way" following the discovery of the breach of some customer client data. The company said that information obtained was limited to names and email addresses and that "no other personal identifiable information associated with the names was at risk."

[edited by: tedster at 11:56 pm (utc) on Apr 4, 2011]
[edit reason] spelling error [/edit]

 

LifeinAsia

WebmasterWorld Administrator lifeinasia us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4291834 posted 3:43 pm on Apr 4, 2011 (gmt 0)

Yup- I got several notification e-mails from companies over the weekend about the breach. Luckily, I used the same e-mail for all of them. And it's a Hotmail account, which does a fairly decent job of spam filtering. I almost never follow links in any e-mails sent from those companies anyway (always use my bookmarked links to logon to those sites).

herb

10+ Year Member



 
Msg#: 4291834 posted 6:10 pm on Apr 4, 2011 (gmt 0)

Got a notice from TiVo dated Sunday. "Important Information About Your Account"

"information that was obtained was limited to first name and/or email addresses only."

Let's hope

digitalv

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4291834 posted 7:22 pm on Apr 4, 2011 (gmt 0)

Oh no! That means I'm going to get emails from fake companies trying to pretend to be real companies trying to sucker information out of me.

So uh... basically no different than any other day on the Internet. So basically they don't have access to anything they couldn't get off facebook anyway?

MarketingVictory



 
Msg#: 4291834 posted 8:37 pm on Apr 4, 2011 (gmt 0)

Add LL Bean to the list of brands impacted. Beans sent an email as reassuring as possible that the breach is name and email only. Time will tell ...

walkman



 
Msg#: 4291834 posted 10:00 pm on Apr 4, 2011 (gmt 0)

Wow, epsilon must be ruined. Shows the perils of doing business in the big leagues: great rewards but better be careful or else...

Sgt_Kickaxe

WebmasterWorld Senior Member sgt_kickaxe us a WebmasterWorld Top Contributor of All Time



 
Msg#: 4291834 posted 10:00 pm on Apr 4, 2011 (gmt 0)

Got notice from my bank yesterday, not good.

LifeinAsia

WebmasterWorld Administrator lifeinasia us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4291834 posted 10:18 pm on Apr 4, 2011 (gmt 0)

Now up to 5 notifications...

bmcgee

10+ Year Member



 
Msg#: 4291834 posted 12:32 am on Apr 5, 2011 (gmt 0)

Add Chase Bank to the list

JohnRoy

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4291834 posted 2:46 am on Apr 5, 2011 (gmt 0)

Add Chase Bank to the list
Known as Chase Manhattan Bank; Merged with Chemical Bank; Merged with J. P. Morgan & Co.
Currently: JP Morgan Chase.


From their email: We have a team at Epsilon investigating and we are confident that the information that was retrieved included some Chase customer e-mail addresses, but did not include any customer account or financial information. Based on everything we know, your accounts and confidential information remain secure. As always, we are advising our customers of everything we know as we know it, and will keep you informed on what impact, if any, this will have on you.

Swanny007

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4291834 posted 2:49 am on Apr 5, 2011 (gmt 0)

I just got the same basic email from Air Miles, so they're affected too! First, last names, email only according to them.

DirigoDev

10+ Year Member



 
Msg#: 4291834 posted 12:05 pm on Apr 5, 2011 (gmt 0)

I get being hacked. If youíre in this business long enough everyone gets bit. I hope that it was not a stupid mistake. Why do so many big companies use Epsilon? How have they amassed such a portfolio of high profile clients? I sent about 25 million e-mails per month from my own proprietary systems. Not SPAM. These are highly sophisticated permission based customer communications. I have solid penetration into all email service providers, a great Sender Score reputation, solid reporting and terrific ROI. I do this at a fraction of the cost of Epsilon. All in, I'm under $50k per year including template markup and testing. So why are firms lining up to use expensive firms like Epsilon? I donít get it! I guess is is all about build vs. buy. I'm a build guy.

DirigoDev

10+ Year Member



 
Msg#: 4291834 posted 12:06 pm on Apr 5, 2011 (gmt 0)

Oh. I forgot to mention that I'm not an ESP. My main business is not sending e-mail. This is just part of running a modern Web site.

bmcgee

10+ Year Member



 
Msg#: 4291834 posted 12:09 pm on Apr 5, 2011 (gmt 0)

All of these retailers (and banks) are claiming only name and email were obtained. I think they are being misleading though. Each of those companies likely has preferences stored with your email address, whether it is the type of product/service you have bought or have indicated you are interested in.

If the database was breached, surely this data was visible also. It may not be as sensitive as credit card info or financial info but it is more than they are claiming.

motorhaven

10+ Year Member



 
Msg#: 4291834 posted 1:35 pm on Apr 5, 2011 (gmt 0)

Add 1800flowers.com to the list.

frontpage

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4291834 posted 2:23 pm on Apr 5, 2011 (gmt 0)

At least you guys got a notice, I have accounts with some of the companies named and I have received ZERO notice.

wyweb



 
Msg#: 4291834 posted 2:28 pm on Apr 5, 2011 (gmt 0)

I have accounts with some of the companies named and I have received ZERO notice.

I do as well but a lot of them are Mom and Pops. I'm with some big players also but as yet haven't heard anything.

RhinoFish

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4291834 posted 3:11 pm on Apr 5, 2011 (gmt 0)

i got a warning from Disney Destination travel folks.

also reported here:
news.gather.com/viewArticle.action?articleId=281474979187600

RhinoFish

WebmasterWorld Senior Member 5+ Year Member



 
Msg#: 4291834 posted 3:12 pm on Apr 5, 2011 (gmt 0)

abc news list of affected companies:
abcnews.go.com/Technology/wireStory?id=13295491

LifeinAsia

WebmasterWorld Administrator lifeinasia us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4291834 posted 3:48 pm on Apr 5, 2011 (gmt 0)

Not sure how many of those companies use the customer's e-mail address for the login. If so, I would certainly demand the login e-mail address be changed to something else.

I also wouldn't be posting on a public forum which companies had my e-mail address (especially if it was the login).

I think they are being misleading though. ... If the database was breached, surely this data was visible also.

I am also skeptical, but that is not necessarily the case. All the data may not be in the same table or even the same database (or even on the same server). And even if it is, there may be granular security settings that really did limit the breach to name & email. (e.g., different security is needed for the different information, but only the security for the basic information was compromised.)

frontpage

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4291834 posted 11:36 am on Apr 6, 2011 (gmt 0)

Customers of Verizon Communications had their email addresses exposed in a massive online data breach last week, according to an email to customers obtained by Reuters.


No word from Verizon about my account.

walkman



 
Msg#: 4291834 posted 12:37 pm on Apr 6, 2011 (gmt 0)

"No word from Verizon about my account."

Check your email again. Verizon emailed me twice, to let me know of the breach and then another time to change my password and credit card.

arieng

5+ Year Member



 
Msg#: 4291834 posted 3:38 pm on Apr 6, 2011 (gmt 0)

So why are firms lining up to use expensive firms like Epsilon?


It's all about accountability. If and when there is a breach of security, they can lay it on someone else's doorstep, fire the provider, and move on without any lasting damage to their brand.

rocknbil

WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4291834 posted 5:25 pm on Apr 6, 2011 (gmt 0)

Co worker got one from Beachbody today. This is madness, talk about all your eggs in one basket . . .

LifeinAsia

WebmasterWorld Administrator lifeinasia us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4291834 posted 2:42 am on Apr 8, 2011 (gmt 0)

Didn't take long to get my first phishing attempt from the breach- just got one pretending to be from one of the companies involved. Very low quality work- typos, bad grammar, and poor design.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Ecommerce
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved