05 Apr 2011

Hackers obtain millions of email addresses in Epsilon attack

Epsilon, the world’s largest distributor of permission-based email, recently revealed that millions of email addresses were exposed after an attack on its servers.

The company sends more than 40 billion emails a year for more than 2,500 customers, including Capital One, Chase, CitiGroup and JP Morgan Chase.

Although the cyber criminals were able to obtain millions of email addresses, no additional personal information has reportedly been compromised. Customers whose email addresses were exposed are in danger of receiving spam and phishing attacks.

"Phishing scams are the No. 1 concern from this breach,” Amol Sawarte, a cyber crime expert told PCWorld. “Hackers could send fake emails pretending to be your bank, pharmacy, hotel or other business that were customers of Epsilon. The email will look real and will be convincing as attackers have the customer's name and the company information that they did business with.”

IBM recently released a vulnerability report and, according to the data, vulnerability disclosures reached an all-time high in 2010. Nearly half of all vulnerabilities reported were web applications.