The email addresses of millions of customers on Marks and Spencer’s database were stolen by hackers recently as part of a major data breach of the internet marketing firm Epsilon. Epsilon, who call themselves “the leading provider of multi-channel marketing services”, have 2,500 corporate clients worldwide and send 40 billion emails a year to their customers.
Files containing the names and email addresses of customers were accessed by unauthorized entry into their computer system. Tesco are also known to use Epsilon for their marketing, however they categorically deny that any of their customers’ details have been stolen.
M&S were forced to send an email to all their customers stating:
'We have been informed by Epsilon, a company we use to send emails to our customers, that some M&S customer email addresses have been accessed without authorisation. We wanted to bring this to your attention as it is possible that you may receive spam email messages as a result. We apologise for any inconvenience this may cause you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.’
M&S refused to release the amount of customers affected by the data breach. After realising the hack had occurred on April 4th, Epsilon released a statement regarding the incident:
"A rigorous assessment determined that no other personal identifiable information associated with those names was at risk."
Coming after the recent debacles involving Play.com and Trip Advisor, it no longer seems possible to use the internet without seriously threatening the security of your information. As the hack is thought to have occurred on Epsilon’s American servers, the Information Commissioner’s Office are powerless to intervene.
Internet security expert Dr Stefan Fafinski, explained how spammers will use the information:
“Spammers will have a list of good, known and verifiable email addresses that comes straight out of M&S. Once they have names as well as email addresses, the spammers can personalise the emails they send out to look much more like a genuine company communication.”
Marks and Spencers has a diverse demographic of customers, many of whom will not be fully aware of the dangers of internet scams and ‘phishing’. For advice on how to spot these types of emails, visit www.scambusters.org