Epsilon and the Disappearance of Millions and Millions of Email Addresses

Until recently, most of the general public was totally unfamiliar with a company called Epsilon.  And even if some of us had heard of it, we never would have thought that it would soon become an international focal point.

Epsilon is a firm that manages email-marketing campaigns for large companies.  Managing these campaigns requires massive amounts of information and filtering.  Epsilon makes sure that men don’t get email campaigns about feminine hygiene products, that college students do get ads about pre-planning funerals, and that mothers do get ads about everything having to do with children.  Of course, compiling all that information takes a lot of time and manpower, two resources that large companies usually prefer not to allocate to their marketing departments.  So, they hire companies like Epsilon to do it for them.  Because of this, Epsilon has information about millions and millions and millions of customers, including names and email addresses.

Recently, a group hacked into Epsilon’s servers and pulled personal data on some of those millions of customers.  While Epsilon isn’t talking about how the breach occurred, they are saying that the hackers only got away with email addresses and names.  No banking, financial, or other sensitive information was taken.

If the hacker only got names and email addresses, is this breach even important? Unfortunately, the answer is: yes, it is very important.  One of today’s most common threats to your personal information is phishing attempts, or the process of sending out emails to people and asking them to send back specific information, like financial info or logins for sites causing unsuspecting users to willingly give out their info.

The most troublesome aspect of the breach is that the hackers can use those email addresses and names and mask the sender address so that people think they are getting a personalized email from a reputable company they already do business with.  For instance, a hacker could “mask” an address so it looks like Joey is getting an email from Citibank about his online account, asking for login verification, perhaps even referencing earlier emails that were actually sent by Citibank.  If Joey isn’t careful, he could give out all his banking information – and get phished.

It is difficult to pin down exactly what companies have been affected but here is a list of some of them: JP Morgan Chase, Citibank, 1-800-Flowers, Walgreens, Best Buy, Capital One, Ethan Allen, Target and others.  I think it is fair to say that you or someone you know has gotten a warning from at least one company letting you know about the Epsilon breach.  I got three different emails from three different companies that had used Epsilon informing me about the breach.

The important thing for you to remember is to be very careful about sharing information. For the next few weeks or months, take on a “trust no one” attitude and vigilantly check each email you receive that asks for personal information.  Simply don’t reply via email with any sensitive information.  Instead of clicking on any embedded links, type them into the browser.  If you are suspicious, call the company directly to verify the veracity of the email.

Epsilon may not know who did this, but you don’t need to wait to find out to be safe.

**UPDATE: Attorney General asked to look in to security breach.**

Hackers Unite

The thieves who made off with more than $2.5M from Citibank and caused the bank to issue 100,000 replacement bank cards have highlighted an alarming trend. Hackers are evolving. And, they are organizing and uniting. They even have a Twitter account. Before the advent of the Internet, we called these hackers “robbers” or “criminals” or the “mafia.” However, now that the Internet has provided a way to enter the front door through the digital underground, hacking has evolved in to a disastrous enterprise.

I’m seeing the evolution of four kinds of hackers emerging into cohesive groups that we need to pay close attention to.

Mobsters: The hackers who attacked Citibank are probably “mobster” hackers. Mobsters are hackers who are connected to large-scale criminal enterprises bringing new meaning to the phrase “organized crime.” In some cases, crime families are hiring hacking groups to procure log-in information for one site knowing that many consumers today are using the same log-in for their financial sites as well. Citibank seems like a perfect example of this kind of activity.

Taunters: Taunting hackers are just thumbing their noses at anyone who dares to believe they have good online security systems in place. These kinds of hacker are breaking security settings, stealing email addresses, and bypassing firewalls just to show that it can be done, usually to the great embarrassment of the company being preyed upon. The hackers who keep breaching Sony’s systems and the CIA website are most likely taunters.

Activists: Activist hackers seem to have taken a nod from Taunters. While the act of hacking remains criminal, hackers who are breaching security to support a social cause aren’t in it for the money. The hi-jacking of the PBS website to protest the Frontline story on Wikileaks is a prime example as are the attacks on Visa, MasterCard, PayPal, and Sarah Palin. These are more like sit-ins, road blocks, and Green Peace protests.

Anarchists: The fourth and final kind of hackers are those who are working to dismantle governments, disrupt the lives of entire populations, or shut down some branch of government. Anarchist hackers may be engaged in what some might call terrorists activities and others might call citizen uproars or even revolutions. (On a side note, when sponsored by nation-states against enemies, they fall under counter-intelligence activities as well. See unleashing worms).

Whenever those destined to engage in criminal activity of any kind begin to unite and organize, good citizens must pay serious attention. Metamorphosis is a dynamic process, and the hacking evolution is no different. As certain groups gain strength and numbers, allegiances will shift and factions will break.

And as they declare war on each other, the good citizens of the world, like you and I, can find ourselves in a heap of collateral damage.

Ευχαρίστησε από τη μεριά του τον μητροπολίτη, τα παιδιά και το εκπαιδευτικό προσωπικό. Δώστε στον ellinikafarmakeio.com θεράποντα γιατρό σας μία λίστα όλων των φαρμάκων, βοτάνων, μη συνταγογραφούμενων φαρμάκων, ή συμπληρωμάτων διατροφής που λαμβάνετε.