The Business-Technology Weave

Apr 7 2011   7:40AM GMT

Epsilon – Oopsilon



Posted by: David Scott
Tags:
cost of data breach
data backup
data breach
data breach expense
data compromise
data exposure
data loss
data phishing
epsilon
phish
phishing

Only the dead have seen the last of data breaches (with apologies to Plato).

Hey – have you heard about this Epsilon thing?  Of course you have. 

 

I’ve heard it characterized as the biggest data breach in history.  Further, it seems more retailers and consumers are yet being discovered:  e-mail addresses and in some cases names have been compromised:  That is, entities that are not supposed to have those – have those.

 

This may be the largest breach in terms of number of records, number of retailers, and/or number of people compromised.  But it’s hardly the largest breach in terms of scope of data:  No credit card numbers are at (direct) risk, nor is any other critical data, such as Social Security Numbers or bank information.  Of course, you and I only have the news reports’, retailers’, and Epsilon’s word on this.

 

So what exactly is the risk?  We understand the breach:  Nefarious operators can pair your name with your e-mail address… and… what?  Well, they can contact you – via e-mail.  That’s relatively tame:  Your friends, acquaintances and business contacts do that every day. 

 

Well, these nefarious entities may contact people with bogus “warnings” about the breach.

They may attempt to “phish” (fish) for info from you, asking for confirmation of your credit card number, or ask you to log in to an account, and provide that info, in verifying that your balance hasn’t been negatively impacted by any scams (the irony).  Naturally, if anyone provides critical credit card or social security numbers, that entity then has them and they can rip you off.  Beware any and all e-mails that may appear warning and helpful:  These entities can strip official logos, language, and authentication screens (log in/sign in) from the legitimate sites, thus crafting bogus sites that appear legit.

 

Particularly at risk are novice online computer users, and youth.

 

Here’s a serviceable definition of “phishing” from Wikileaks: 

 

Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. 

 

And –

 

A phishing technique was described in detail in 1987, and the first recorded use of the term “phishing” was made in 1996. The term is a variant of fishing, probably influenced by phreaking, and alludes to baits used to “catch” financial information and passwords.

 

Stay safe out there – verify e-mails and online communications’ sources.  In all cases, when contacted with something that may be a phish, call your retailer, your bank, etc.  Good advice for this situation – and for future breaches.

 

 

On this day:  In 1927, television was transmitted from Washington DC to New York City utilizing phone lines.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: