Corporate America scrambles to contain Epsilon hack fallout

Suits and ties across corporate America are engaging in frenetic damage control after an embarrassing hack highlighted the perils of marketing decadence for all to see.

Yes, U.S. direct marketing company Epsilon has confirmed “an incident” where a subset of client customer data was exposed by an “unauthorized entry” into the Epsilon’s email system.

D’oh!

Fortunately, only names and email addresses were compromised, which, if you ask me, is certainly bad enough, because I’m already forced to wade through (supposedly legitimate) reams and reams of marketing spam every morning. 

But I digress.

As Sophos security expert Paul Ducklin points out, the data breach will undoubtedly cause a negative “knock-on” effect across the industry.

“Epsilon is, if you like, a ‘cloud provider’ of electronic direct marketing services, so a security breach of the Epsilon system is, effectively, a breach of all its customers’ systems, too.”

Indeed, a number companies have already issued email alerts warning customers over the incident, including Best Buy, McKinsey Quarterly, AbeBooks, Lacoste, Walgreens, Fry’s, Marriott Rewards and JP Morgan Chase.

 

According to Ducklin, the incident is part of a disturbing trend – implying that a number of corporations, such as RSA, Comodo and Facebook “don’t know everything” about security.

Ya think?!?

“[Yes], outsourcing and the cloud are buzzwords of the 2010s – their many evangelists will assure you that cloud-sourcing your high-volume Internet services is certain to save you money, improve your up-time, and boost your security. 



“After all, if you leave a job such as direct marketing (or email, or office automation, or authentication) entirely to the specialists, you’re bound to have experts on the job who are at least as switched on about security as you are. [Still]], sometimes, keeping your own skills and abilities factored in to your organization’s security equation can pay off,” he added.