Quoted from Epsilon web site.

IRVING, TEXAS – April 1, 2011 – On March 30th, an incident was detected where a subset* of Epsilon clients’ customer data were exposed by an unauthorized entry into Epsilon’s email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway.
For Media Inquiries please contact Jessica Simon (212-457-7135, jsimon@epsilon.com)For Consumer Inquiries please contact Sarah Branam (303-410-5369, sbranam@epsilon.com)
* Updated April 4, 2011: The affected clients are approximately 2 percent of total clients and are a subset of clients for which Epsilon provides email services.

This is tragic!
Am I being pessimistic? – No.

So far I received apologetic email from Chase, Barclays, Best Buy, College Board, Target. It is tragic because most people do not understand what has happened and what will be happening soon. An avalanche of phishing emails is going to flood your email box if you do not act now to protect yourself.

The best way to deal with it is to change email address on each account. Delete breached email address. Do not use it anywhere and anymore. Forget it ever existed.

Each breached account has to get new unique email address.
No two accounts can share same email address.
Do not use same user name.
Do not use same password.

I changed all of my accounts, breached or not, to use randomly generated user names and passwords. Each account also got spanking new randomly generated email. Why randomly generated? Because it is simpler and there is no thinking involved, no “playing with numbers” and letters. Account names, passwords and email have nothing in common with each other.

Below are two interesting quotes from big name businesses.

Quote from Chase Bank email received 4/04/2011.

As a reminder, we recommend that you:
Don’t give your Chase OnlineSM User ID or password in e-mail.
Don’t respond to e-mails that require you to enter personal information directly into the e-mail.
Don’t respond to e-mails threatening to close your account if you do not take the immediate action of providing personal information.
Don’t reply to e-mails asking you to send personal information.
Don’t use your e-mail address as a login ID or password.

Great advice, but not everybody is thinking the same way.

Here is quote from FPL email received 3/31/2011.

Subject: “FPL: Reminder, your User ID has changed”
“At FPL, we are committed to improving the service we provide to you. We hope switching your User ID to the email address you first provided when you created your online account will help you access your account more easily.”

More easily for who? hackers and spammers?
What are this people thinking?
Who came up with this possibly fatal idea?

Stay tuned for more fatalistic news.
Need help with email problems – let me know.
I have few solutions that have worked for me and my clients for more than 15 years.

Tagged with:  

Comments are closed.

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Visit our friends!

A few highly recommended friends...