An email database of TiVo subscribers has been lost from a leading corporate email service provider -- but that's just the tip of the iceberg...  (Source: Gawker)

Chase Bank, Kroger, Walgreen's, Kraft Foods, India's Jet Airways, New York and Company and more may also be affected.  (Source: Complain About)
Other organizations that use email service provider include Kraft and Jet Airways

TiVo, Inc. (TIVO) recently announced to customers that its email services provider, Epsilon Data Management, LLC had suffered a serious data breach.  

The Alviso, Calif.-based company writes:

Dear TiVo Customer,

Today we were informed by our email service provider that your email address was exposed due to unauthorized access of their system.  Our email service provider deploys emails on our behalf to customers who opted into email-based communications from us.

We were advised by our email service provider that the information that was obtained was limited to first name and/or email addresses only.  Your service and any other personally identifiable information were not at risk and remain secure.
Please note, it is possible you may receive spam email messages as a result.  We want to urge you to be cautious when opening links or attachments from unknown third parties.

We regret this has taken place and apologize for any inconvenience this may have caused you.  We take your privacy very seriously and we will continue to work diligently to protect your personal information.

If you have unsubscribed in the past, there is no need to unsubscribe again.  Your preferences will remain in place.

The TiVo Team

Epsilon is not the only major email services provider to be hacked in recent months.  SilverPop Systems, Inc., a rival firm recently had a large scale intrusion and lost customer email databases belonging to McDonald's Corp. (MCD), Walgreen Company (WAG), and deviantArt LLC.

Clothing boutique chain New York & Company (NWY), another Epsilon customer, also revealed to customers that it was affected by the breach.  

According to a report in SecurityWeek, other customers that had their databases lost in the breach include US Bank, JPMorgan Chase & Co. (JPM); Verizon Communications, Inc. (VZ);Capital One Financial Corp. (COF); Marriott International, Inc. (MAR); the Ritz-Carlton Hotel Company LLC; Citigroup, Inc. (C); Brookstone, Inc.; McKinsey & Co., Inc.; the Kroger Comp. (KR); and Walgreen Comp. (again!).  These organizations have not all confirmed the breach, though several have announced that they are investigating whether data was lost.

A quick Google search reveals India's Jet Airways (632617) and Kraft Foods Inc. (KFT) are also customers of Epsilon.  It is unclear whether their databases were compromised, but customers who have given their emails to these firms should beware

In theory, as the TiVo email alludes to, the primary motivation for such attacks would be to collect addresses for a spamming campaign.  A lesser possibility is that the intrusions were conducted by hackers looking to test their skills and less interested in what they found.

If there's one lesson from this story, it's that while it's okay to give your email to marketers, it's wise to use a dedicated account for this purpose, with a non-standard password so as to provide yourself with an extra layer of online security.

Updated: Monday, April 4, 2011, 11:42 a.m. --

Readers are reporting that Best Buy Co., Inc. (BBY) also is emailing customers telling them that its email service provider (surprise!) Eclipse has lost their information.  Customers subscribed to the Rewards Zone program are likely effected.

As email service providers like SilverPop and Eclipse tend to keep their contracts semi-confidential, this may not be the last of the additional firms we discover to be affected.

Updated 2: Monday, April 4, 2011, 2:00 p.m. -- 

As we predicted, there are more victims of the breach.

Apparently staffing firm Robert Half International Inc. (RHI) and Ameriprise Financial, Inc. (AMP) were also Epsilon customers.  Both firms have sent emails warning users that their information may have been lost.

"Can anyone tell me what MobileMe is supposed to do?... So why the f*** doesn't it do that?" -- Steve Jobs
Related Articles

Most Popular Articles

Copyright 2018 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki