Summary: Assorted security news about the "biggest name and email address heist in US history" and beyond

A few days ago we wrote about the Epsilon fiasco, which is said to have affected Marks and Spencer customers, probably owing to the Windows machines getting cracked (as they so often do). What we didn't know at the time is that this was the "biggest name and email address heist in US history". To quote The Inquirer:

BIG US BANKS JPMorgan Chase, Citigroup and US Bank are just three of the companies affected by a massive data breach at online marketing firm Epsilon.

These are just a few of the companies that do business with Epsilon, which said in a statement that its clients "were exposed by an unauthorised entry into Epsilon's email system".

Epsilon is a firm that sends billions of emails ads each year to people who register their interest at its customers' websites or give their email addresses when shopping. At the moment it is unclear how many people have been affected, but Reuters claimed "it could be one of the biggest such data breaches in US history".

According to another article:

What’s being described as a “massive” security breach at email marketing firm Epsilon has compromised the customer names and emails of some of the largest companies in the US, including seven of Fortune’s top 10 institutions, reports SecurityWeek.

Epsilon reportedly sends out 40 billion emails each year for more than 2,500 clients. SecurityWeek reports that clients of Epsilon affected by the infiltration include: TiVo, US Bank, JPMorgan Chase, Verizon, Capital One, Marriott Rewards, Ritz-Carlton Rewards, Citi, Brookstone, McKinsey & Co., New York & Co, Kroger and Walgreens.

It says that "Epsilon reportedly sends out 40 billion emails each year for more than 2,500 clients." Well, earlier today a marketing (spamming) agency called 2ndimpression sent on behalf of Thornley Groves a bunch of marketing junk to clients, myself included. It did this (sent unwanted mail) without permission from the recipients, requiring non-existent usernames to unsubscribe from this endless mess. These firms deserve no sympathy. Some of them are borderline criminal, but they probably know the law well enough to manoeuvre around prosecution. To them, it's risk analysis and reward. Microsoft Florian uses similar tactics to shower journalists with quotes to embed in articles.

In other news, universities keep getting cracked and Windows users receive malware from cracked sites. "The fake software is called the Windows Stability Center," says the MSBBC, but they do not say that it's only a problem for Windows users, they just say "PC" or "computer". ⬆