Marketing outsourcer Epsilon Data Management has notified 2% of its client base that it detected a major data breach last week. Though 2% may sound small, that breach has affected millions of people.
The breached information included names and email addresses, and affected a list of at least 57 corporations including Best Buy, Capital One, Target, TiVo and more. Chances are good that you may have received notification from at least one of these companies about the breach.
Is breached email a big deal? You may think that breached email is no big deal, but it is. Access to names and emails makes it easier for hackers to build customized phishing attacks, From a corporate perspective, it also serves as a warning about the additional risks of outsourced work and the importance of auditing your suppliers to ensure their security protocols meet your expectations.
It has also been suggested that Epsilon breached data for Walgreens last year and that additional security measures may not have been put in place. This is as yet unconfirmed. It seems that customers who opted out of marketing lists were still receiving breach notifications, prompting questions as to why Epsilon's data retention policies did not include the ability to delete information from those who opt out.
Here's some more info on what you can do: