Sophisticated cyber thieves behind Epsilon attack

Apr 07, 2011
An online marketing firm hit by what may be one of the biggest data thefts ever was the victim of "highly sophisticated cyber thieves," according to its parent company. Alliance Data Systems Corp. also reiterated that only the names and email addresses of customers were stolen in the attack on its subsidiary, Epsilon, and not credit card information or social security numbers.

An online marketing firm hit by what may be one of the biggest data thefts ever was the victim of "highly sophisticated cyber thieves," according to its parent company.

Alliance Data Systems Corp. also reiterated that only the names and email addresses of customers were stolen in the attack on its subsidiary, Epsilon, and not credit card information or .

Alliance Data said Epsilon is investigating the "unauthorized entry" into its email system with and outside forensics experts and implementing additional security protocols.

"We will leave no stone unturned and are dealing with this malicious act by highly sophisticated cyber thieves with the greatest sense of urgency," Alliance Data chief executive Ed Heffernan said in a statement.

"We fully recognize the impact this has had on our clients and their customers, and on behalf of the entire Alliance Data organization, we sincerely apologize," Heffernan said.

Major US banks, hotels, retail outlets and other companies have been warning customers to be wary of fraudulent emails after Epsilon acknowledged last week that hackers had gained access to the Texas-based company's email system.

Epsilon, which sends out over 40 billion emails a year on behalf of 2,500 companies, has not identified the firms whose customers' names and email addresses were stolen but dozens of US companies have come forward.

They include Hilton and Marriott hotels, telecom giant Verizon, drugstore chain Walgreens, the Home Shopping Network and retailers , Kroger, New York & Co. and Target.

Among the banking and financial firms that have notified customers of the breach are Citigroup, JPMorgan Chase, Capital One, US Bank, Barclays Bank of Delaware and Ameriprise Financial.

Computer security experts said tens of millions of names and email addresses may have been stolen in what they said was one of the largest data thefts in US history.

Epsilon president Bryan Kennedy also issued an apology.

"We are extremely regretful that this incident has impacted a portion of Epsilon's clients and their customers," Kennedy said. "We take consumer privacy very seriously and work diligently to protect customer information.

"We apologize for the inconvenience that this matter has caused consumers and for the potential unsolicited emails that may occur as a result of this incident," he said.

Explore further: LinkedIn membership hits 300 million

add to favorites email to friend print save as pdf

Related Stories

US banks, companies issue warning after email hack

Apr 04, 2011

Computer hackers gained access to the email addresses of customers of several large US banks and other companies in a potentially huge data breach at US online marketing firm Epsilon. ...

Hackers obtain email addresses of iPad 3G owners

Jun 09, 2010

A shadowy hacking group obtained the email addresses of over 114,000 owners of Apple iPads by exploiting a vulnerability at US telecom giant AT&T, a Silicon Valley website reported on Wednesday.

Internet sleuths get new way to report stolen data

Jun 17, 2010

(AP) -- A new program being spearheaded by Microsoft Corp. is designed to provide a trusted way for researchers to report stolen credit card numbers and other data they've found in the dark corners of the Internet.

EMC's anti-hacking division hacked

Mar 18, 2011

The world's biggest maker of data storage computers on Thursday said that its security division has been hacked, and that the intruders compromised a widely used technology for preventing computer break-ins.

Recommended for you

LinkedIn membership hits 300 million

Apr 18, 2014

The career-focused social network LinkedIn announced Friday it has 300 million members, with more than half the total outside the United States.

Researchers uncover likely creator of Bitcoin

Apr 18, 2014

The primary author of the celebrated Bitcoin paper, and therefore probable creator of Bitcoin, is most likely Nick Szabo, a blogger and former George Washington University law professor, according to students ...

White House updating online privacy policy

Apr 18, 2014

A new Obama administration privacy policy out Friday explains how the government will gather the user data of online visitors to WhiteHouse.gov, mobile apps and social media sites. It also clarifies that ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

epsi00
not rated yet Apr 07, 2011
We are extremely regretful that this incident has impacted a portion of Epsilon's clients and their customers," Kennedy said. "We take consumer privacy very seriously and work diligently to protect customer information.


Really? Apparently not seriously enough since hackers were able to steal customers' data.

Let it be a lesson for cost cutting, penny pinching corporations not to concentrate in one spot ( Epsilon corporation ) their data. It would have been practically impossible to hack into every single corporation that is a client of Epsilon.

Who thinks corporations will change the way they do business? I mean the way they protect customers' data. Why bother? Just issue a "heartfelt" apology after the fact and you are off the hook. Back to business as usual.
rgwalther
1 / 5 (2) Apr 07, 2011
Organized 'Cyberthieves' are no different than pirates. The penalty should be hanging.
Birthmark
1 / 5 (1) Apr 07, 2011
OK, why don't these hackers attack companies worth attacking, Like Monsanto, or our government!?

This new way of Cyberwar could be beneficial if we learn to use it in the right way. Cybertheives are obviously typical criminals...

More news stories

Ex-Apple chief plans mobile phone for India

Former Apple chief executive John Sculley, whose marketing skills helped bring the personal computer to desktops worldwide, says he plans to launch a mobile phone in India to exploit its still largely untapped ...

Airbnb rental site raises $450 mn

Online lodging listings website Airbnb inked a $450 million funding deal with investors led by TPG, a source close to the matter said Friday.

Health care site flagged in Heartbleed review

People with accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the ...

A homemade solar lamp for developing countries

(Phys.org) —The solar lamp developed by the start-up LEDsafari is a more effective, safer, and less expensive form of illumination than the traditional oil lamp currently used by more than one billion people ...

NASA's space station Robonaut finally getting legs

Robonaut, the first out-of-this-world humanoid, is finally getting its space legs. For three years, Robonaut has had to manage from the waist up. This new pair of legs means the experimental robot—now stuck ...

Filipino tests negative for Middle East virus

A Filipino nurse who tested positive for the Middle East virus has been found free of infection in a subsequent examination after he returned home, Philippine health officials said Saturday.

Egypt archaeologists find ancient writer's tomb

Egypt's minister of antiquities says a team of Spanish archaeologists has discovered two tombs in the southern part of the country, one of them belonging to a writer and containing a trove of artifacts including reed pens ...