CIO Symmetry

Apr 12 2011   1:32PM GMT

What have we learned from the Epsilon security breach?

Scot Petersen Scot Petersen Profile: Scot Petersen

My wife and I started getting the emails April 4. Best Buy. Our bank. Other e-commerce sites we had shopped. The impact of the Epsilon security breach was far and wide.

My first thought was that at least companies are getting less squeamish about putting out breach notifications. By now, businesses understand that a security breach doesn’t necessarily mean that they will be put out of business, which we learned with the TJX data breach.

But what is different in the wake of the Epsilon attack is that cybercriminals don’t necessarily have to get all of your personally identifiable information anymore to be able to get an edge on the consumer. Here, they just got names and email addresses. But that may be enough: A mere notification may be enough to spur someone to reply to a phishing email and inadvertently give away much more information than the original breach garnered.

Just as companies all have to have security and privacy policies, so do individual consumers when dealing with cybercrime. The same rules apply, however — awareness, diligence and taking the responsibility to know with whom you are doing business.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: