Posted by: David Scott
Only the dead have seen the last of data breaches (with apologies to Plato).
Hey – have you heard about this Epsilon thing? Of course you have.
I’ve heard it characterized as the biggest data breach in history. Further, it seems more affected retailers and consumers are still being discovered. E-mail addresses, and in some cases names, have been compromised: That is, entities that are not supposed to have those – have those.
This may be the largest breach in terms of number of records, number of retailers, and/or number of people compromised. But it’s hardly the largest breach in terms of scope of data: No credit card numbers are at (direct) risk, nor is any other critical data, such as Social Security Numbers or bank information. Of course, you and I only have the news reports’, retailers’, and Epsilon’s word on this.
So what exactly is the risk? We understand the breach: Nefarious operators can pair your name with your e-mail address… and… what? Well, they can contact you – via e-mail. That’s relatively tame: Your friends, acquaintances and business contacts do that every day.
Well, these nefarious entities may contact people with bogus “warnings” about the breach.
They may attempt to “phish” (fish) for info from you, asking you to confirm your credit card number, or to log in to an account and provide that info, supposedly to verify that your balance hasn’t been negatively impacted by any scams (the irony). Naturally, if anyone provides critical credit card or Social Security numbers, that entity then has them and can rip you off. Beware any and all e-mails that appear to be helpful warnings: These entities can copy official logos, language, and authentication screens (log in/sign in) from the legitimate sites, thus crafting bogus sites that appear legit.
Particularly at risk are novice online computer users, and youth.
Here’s a serviceable definition of “phishing” from Wikileaks:
Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.
A phishing technique was described in detail in 1987, and the first recorded use of the term “phishing” was made in 1996. The term is a variant of fishing, probably influenced by phreaking, and alludes to baits used to “catch” financial information and passwords.
Stay safe out there – verify the sources of e-mails and other online communications. In all cases, when contacted with something that may be a phish, call your retailer, your bank, etc. Good advice for this situation – and for future breaches.
On this day: In 1927, television was transmitted from Washington DC to New York City utilizing phone lines.