updated 06:50 pm EDT, Sun April 3, 2011
TiVo, bank e-mail exposed in Epsilon hack
Large-scale e-mail marketer Epsilon warned this weekend that at least 14 major companies had their e-mail lists compromised through a security hack. TiVo, as well as banks like Capital One, Citi, and JPMorgan Chase, warned that their customers could be targeted by phishing attempts or anything else that relies on knowing an e-mail address. The affected group stressed that they didn't have any other personally identifying data besides names, although rewards programs from Marriott and Ritz-Carleton also exposed point balances.
Epsilon provided few details about its solution other than that an investigation was underway. Brookstone and Walgreens were also among the more recognizable companies affected.
The break-in could lead to more plausible scam attacks than usual phishing since they would be attached to specific services and fool some users into thinking e-mails are legitimate. Those hit by the attack can check the full message headers to see where a message is actually coming from as well as check the web address to make sure it's from a legitimate address, like a tivo.com site, rather than just clicking the link. [via SecurityWeek]