Breached E-Mail Marketer Sends Billions of E-Mails a Year

The Epsilon e-mail data breach brought a little-known but hugely influential e-mail marketer into the public eye. If you'd heard of Epsilon Data Management before Friday, you're in the minority--and yet the Dallas-based "permission-based marketer" sends 40 billion e-mails a year on behalf of 2,500 client brands, according to the Wall Street Journal.

Forty billion marketing e-mails! That's about six pieces for every person on the planet.

Who those brands are--two of the three largest banks in America, its biggest drugstore chain and supermarket, the administrator of the SAT, among dozens of others--has resurrected public fears around Internet-based commerce. Who has my information? What are they doing with it? Do I really need--or even read--e-mail from my supermarket?

Here's what's new:

  • More than 40 companies have admitted to customers that their data was accessed. New victims include financial service providers TD Ameritrade, TIAA-CREF and MoneyGram; retailers Eddie Bauer, Ethan Allen, Eileen Fisher, 1-800-Flowers, bebe and Beachbody; and travel companies Air Miles and Red Roof Inns.
  • Epsilon says 2 percent of its client companies were affected, about 50 companies, Security Week reported Tuesday. It has not identified the clients.
  • E-mails are already circulating, warning people to avoid phishing scams. Trouble is, some of them ARE phishing scams. (One purporting to be from Chase: "Don't click links in e-mail! For more info, click here!") Even people who know better will let their guard down when contacted by companies they know. A hot news angle makes the ploy even more likely to succeed.

It's probably best not to click through links in e-mail from any commercial enterprise, or dial any phone number in an e-mail either. Go to the company's Web page, use a link you have bookmarked, or get out the Yellow Pages, pick up the telephone, and call.

The data haul includes some vulnerable folks: High school students (The College Board was affected), the unemployed (Robert Half International, ditto), retirees (TIAA-CREF, ditto) and people who wear alligator shirts (Lacoste, ).

Need tips about how to protect yourself? Here's a handy PDF from the horse's mouth: "5 Ways to Proactively Guard Your E-mail Programme Against Phishing," a 2009 e-newsletter from Epsilon International. Unfortunately, it was directed to Epsilon's corporate clients--not the recipients of those 40 billion pieces of mail.

Subscribe to the Security Watch Newsletter

Comments