Firm hit by hackers
Coeur d'Alene Press | UPDATED 15 years, 1 month AGO
Alliance Data Systems Corp., the Dallas-based parent company of marketing services firm Epsilon, said Wednesday the unauthorized entry into Epsilon's email system was limited to customers' names and email addresses only.
Idaho Attorney General Lawrence Wasden issued a consumer alert Tuesday regarding the March 30 data breach at the Texas-based firm.
"The biggest risk from this data breach is that the thieves, now in possession of your name, email address, and business relationships, could send phishing emails," Wasden said in a press release. "Never email passwords, financial information, or other personal indentifying information to anyone and always conduct financial transactions on secure websites."
Wasden said the list of businesses affected includes U.S. Bank, Fred Meyer, Walgreens, Target, Fred Meyer, Borders, Best Buy, JPMorgan Chase and others.
With more than 2,500 clients, Epsilon sends more than 40 billion marketing e-mails annually.
U.S. Bank on Saturday sent out an email to customers warning that "files containing your email address were accessed by unauthorized entry into (Epsilon's) computer system."
The bank said Epsilon helps it send customers emails about products and services that might be of interest.
U.S. Bank assured customers that it never provided Epsilon with financial information about its customers.
"We ask that you remain alert to any unusual or suspicious emails," the bank wrote to customers.
The Kroger Co., parent of Fred Meyer, said Epsilon manages Kroger's customer email database. Kroger said in a press release it will never ask for personal information such as credit card numbers or social security numbers in an email.
Bryan J. Kennedy, president of Epsilon, said, "We apologize for the inconvenience that this matter has caused consumers and for the potential unsolicited e-mails that may occur as a result of this incident."
Wasden said that consumers who receive a phishing attempt because of the Epsilon data breach can report it to the U.S. Secret Service by emailing [email protected]