The email addresses of millions of customers on Marks and Spencer’s database were stolen by hackers recently as part of a major data breach of the internet marketing firm Epsilon. Epsilon, who call themselves “the leading provider of multi-channel marketing services”, have 2,500 corporate clients worldwide and send 40 billion emails a year to their customers.
Files containing the names and email addresses of customers were accessed by unauthorized entry into their computer system. Tesco are also known to use Epsilon for their marketing, however they categorically deny that any of their customers’ details have been stolen.
M&S were forced to send an email to all their customers stating:
'We have been informed by Epsilon, a company we use to send emails to our customers, that some M&S customer email addresses have been accessed without authorisation. We wanted to bring this to your attention as it is possible that you may receive spam email messages as a result. We apologise for any inconvenience this may cause you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.’
M&S refused to release the amount of customers affected by the data breach. After realising the hack had occurred on April 4th, Epsilon released a statement regarding the incident:
"A rigorous assessment determined that no other personal identifiable information associated with those names was at risk."
Coming after the recent debacles involving Play.com and Trip Advisor, it no longer seems possible to use the internet without seriously threatening the security of your information. As the hack is thought to have occurred on Epsilon’s American servers, the Information Commissioner’s Office are powerless to intervene.
Internet security expert Dr Stefan Fafinski, explained how spammers will use the information:
“Spammers will have a list of good, known and verifiable email addresses that comes straight out of M&S. Once they have names as well as email addresses, the spammers can personalise the emails they send out to look much more like a genuine company communication.”
Marks and Spencers has a diverse demographic of customers, many of whom will not be fully aware of the dangers of internet scams and ‘phishing’. For advice on how to spot these types of emails, visit www.scambusters.org
I have begun receiving emails from several institutions here in America saying the same thing, about the email theft at Epsilon, warning me not to click through on links sent by phishing emails sure to start showing up soon. I expect to receive more such warnings in the next week as many US companies were using Epsilon services. People must be informed about this as the phishing emails are going to start becoming very common again. As an aside, I usually take a moment to forward such emails to the fraud investigation email address of the institutions they claim to be from - and sometimes, just for devilment, I will click through to the fallicious link in the email and enter an incorrect user-name and an incorrect password, something totally fictious, just to bedevil the instigators of the fraud.
Posted by: Mary | 07/04/2011 at 05:00 PM
"As the hack is thought to have occurred on Epsilon’s American servers, the Information Commissioner’s Office are powerless to intervene"
Ask Gary McKinnon
Posted by: Purlieu | 07/04/2011 at 05:54 PM
I had this website saved a while in the past but my computer crashed. I have since gotten a new one and it took me a while to locate this! I also really like the theme though
Posted by: UGG Boots | 25/06/2011 at 09:40 AM