Banks, retailers warn of massive e-mail breach

 

With the possible theft of millions of consumer e-mail addresses from an advertising company, several large companies have started warning customers to expect fraudulent e-mails that try to coax account login information from them.
A dozen companies said over the weekend that hackers may have learned their e-mail addresses because of a security breach at a Dallas-based company called Epsilon that manages e-mail communications.
Among the affected companies are banks like Capital One Financial, Barclays Bank, U.S. Bancorp, Citigroup and JPMorgan Chase, and retailers like Best Buy, TiVo, Walgreen and Kroger.
The College Board, the not-for-profit organization that runs the SATs, also warned that a hacker may have obtained student e-mail addresses.

Walt Disney Co.’s travel subsidiary, Disney Destinations, sent e-mails warning customers on Sunday.
Epsilon said Friday that its system had been breached, exposing e-mail addresses and customer names but no other personal information.
The e-mail addresses could be used to target spam. It’s also a standard tactic among online fraudsters to send e-mails to people, purporting to be from a large bank and asking them to login in at a site that looks like the bank’s site. Instead, the fraudulent site captures their login information and uses it to access the real account.
The data breach could make these so-called “phishing” attacks more efficient, by allowing the fraudsters to target people who actually have an account with the bank.
Epsilon sends more than 40 billion e-mails annually and has more than 2,500 clients.
Source:Usatoday