Email Breach: Was your address stolen?

April 4, 2011 3:13:14 PM PDT
Banks, retailers, hotels and other major companies are warning customers about a possible data breach involving millions of stolen email addresses.

The companies are warning customers they could receive fake emails from people trying to obtain personal information.

The email addresses were stolen from an advertising company used by many large companies to manage their electronic communication with customers. The exact number of names and email addresses that were exposed has not been released by the marketing company that was breached. However, this is one of the largest online marketers in the country, leading the Better Business Bureau to call this one of the biggest security breaches in U.S. history.

Over the weekend, thousands of people across the country received emails from their bank or online retailer warning that their personal information may have been compromised. Oak Park resident Ryan Glazer got one such email from Chase Bank this morning.

"It said something to the effect that a company we were using had leaked emails. We don't think it will affect you, but we're letting you know anyway," Glazer said.

The breach happened at Epsilon, a Dallas-based online marketing company that represents some very big businesses including JP Morgan Chase, Citigroup, Walgreens, Best Buy, Marriot and New York & Company.

Epsilon released a statement: The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway.

The average consumer must be more aware than usual when getting emails that may look like they're from a source they trust. Andrew Hoog is the chief investigative officer at a digital security company.

"If you receive an e-mail that says we would like to offer this new ad, provide your home number or provide us your password to log into the site, immediately delete that email and be quite suspicious of it," Hoog said.

Hoog says consumers need to pay particular attention to messages that arrive on smart phones. Hours after he got a warning from Chase Bank, he said he got a strange text message. Hoog said, "Talking about gas prices and on my phone, there was a phone number I could call that links out to a website."

Monitoring companies are reportedly overwhelmed by fraud reports and encouraging people to be responsible with their identities.

"If I didn't ask for it, I don't accept it. I just erase it," Falone Davis said.

None of the companies ABC7 called would comment on the breach. All released statements indicating their customers' account information was safe, but customers should be aware of potential problems with false