Monday, April 4, 2011

Banks Make a Withdrawl on Information Security

After my last few posts...  I just have no words.     Link to article!!!

More customers exposed as big data breach grows

Photo
Sun, Apr 3 2011
By Jonathan Spicer and Maria Aspan
NEW YORK (Reuters) - The names and e-mails of customers of Citigroup Inc and other large U.S. companies, as well as College Board students, were exposed in a massive and growing data breach after a computer hacker penetrated online marketer Epsilon.
In what could be one of the biggest such breaches in U.S. history, a diverse swath of companies that did business with Epsilon stepped forward over the weekend to warn customers some of their electronic information could have been exposed.
Drugstore Walgreen, Video recorder TiVo Inc, credit card lender Capital One Financial Corp and teleshopping company HSN Inc all added their names to a list of targets that also includes some of the nation's largest banks.
The names and electronic contacts of some students affiliated with the U.S.-based College Board -- which represents some 5,900 colleges, universities and schools -- were also potentially compromised.
No personal financial information such as credit cards or social security numbers appeared to be exposed, according to the company statements and e-mails to customers.
Epsilon, an online marketing unit of Alliance Data Systems Corp, said on Friday that a person outside the company hacked into some of its clients' customer files. The vendor sends more than 40 billion e-mail ads and offers annually, usually to people who register for a company's website or who give their e-mail addresses while shopping.
"We learned from our e-mail provider, Epsilon, that limited information about you was accessed by an unauthorized individual or individuals," HSN, also an e-commerce operator, said in an e-mail to customers on Sunday.
"This information included your name and e-mail address and did not include any financial or other sensitive information. We felt it was important to notify you of this incident as soon as possible."
Citigroup customer names and some credit card customers' e-mail addresses -- but no account information -- were part of the data breach, the third-largest U.S. bank said on Saturday.
The College Board, which administers the SAT admissions tests, on Saturday warned students about the breach and asked them to be cautious about receiving "links or attachments from unknown third parties," according to two e-mails reviewed by Reuters.
The not-for-profit organization is in contact with more than 7 million students, according to its website. It did not immediately return calls for comment.
PROBING FOR ANSWERS
Law enforcement authorities are investigating the breach, though it was unclear on Sunday how many customers or students had been exposed. Epsilon is also looking into what went wrong.
"While we are cooperating with authorities and doing a thorough investigation, we cannot say anything else," said Epsilon spokeswoman Jessica Simon. "We can't confirm any impacted or non-impacted clients, or provide a list (of companies) at this point in time."
Capital One, which also runs a bank, and Walgreens, the largest U.S. drugstore, said the Epsilon hacker accessed its customer e-mail addresses, but no personally identifiable information.
TiVo, a maker of digital video recorders, said the information that was obtained was limited to e-mail addresses and clients' first names.
The incident comes three years after hackers penetrated Heartland Payment Systems, a credit and debit card processor, in one of the biggest identity-theft cases in U.S. history.
In that case, notorious hacker Albert Gonzalez led a ring that stole more than 40 million payment card numbers, and was later sentenced to 20 years in prison.
On Friday, JPMorgan Chase & Co, the second-largest U.S. bank, and Kroger Co, the biggest U.S. supermarket operator, said that some customers were exposed as part of the Epsilon data breach.
Citigroup announced that it had been affected on Saturday evening. Spokesman Sean Kevelighan said the bank started informing its customers of the breach on Friday through a link on its website.
Some of Epsilon's other clients include Verizon Communications Inc, Blackstone Group LP's Hilton Hotels, Kraft Foods Inc, and AstraZeneca.
(Reporting by Jonathan Spicer and Maria Aspan, editing by Maureen Bavdek, Diane Craft and Gunna Dickson)
Posted by at No comments:

Best Buy Jumps Off the Information Security Train!!

I posted only a few days ago about getting an email from Kroger about information being compromised from their customer database.  Now it seems that Best Buy paid attention to the veiled warning that it could, and is happening...  and did nothing.  I got this email today.

Dear Valued Best Buy Customer,

On March 31, we were informed by Epsilon, a company we use to send emails to our customers, that files containing the email addresses of some Best Buy customers were accessed without authorization.

We have been assured by Epsilon that the only information that may have been obtained was your email address and that the accessed files did not include any other information. A rigorous assessment by Epsilon determined that no other information is at risk. We are actively investigating to confirm this.

For your security, however, we wanted to call this matter to your attention. We ask that you remain alert to any unusual or suspicious emails. As our experts at Geek Squad would tell you, be very cautious when opening links or attachments from unknown senders.

In keeping with best industry security practices, Best Buy will never ask you to provide or confirm any information, including credit card numbers, unless you are on our secure e-commerce site, www.bestbuy.com. If you receive an email asking for personal information, delete it. It did not come from Best Buy.

Our service provider has reported this incident to the appropriate authorities.

We regret this has taken place and for any inconvenience this may have caused you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information. For more information on keeping your data safe, please visit:
http://www.geeksquad.com/do-it-yourself/tech-tip/six-steps-to-keeping-your-data-safe.aspx.

Sincerely,

Barry Judge
Executive Vice President & Chief Marketing Officer
Best Buy


We'll see who's next
Posted by at No comments:
Labels: , , ,

Saturday, April 2, 2011

Kroger Loses Customer Information


These days, we take our privacy and security more seriously than we ever have.  We as consumers especially entrust companies to even put forth a more concerted effort with their vast databases of "our" information.  When a company has information that has been suspected of being compromised, sometimes we as consumers will never hear about it.  The company just does not want to risk the bad publicity.

We need to be more vigilant!  Kroger sent out emails to their database of customers, citing a breach in their security from outside the company.  Although the alleged information that was used, is name and email only, it shows that there is perhaps a larger underlying problem.  Another look should be taken at their information protection systems.  It's reiterates to all companies, to do the same, and be prepared for their security to be punctured and head it off beforehand.  The statement was:


Dear [Kroger Customer],

Kroger wants you to know that the data base with our customers' names and email addresses has been breached by someone outside of the company. This data base contains the names and email addresses of customers who voluntarily provided their names and email addresses to Kroger. We want to assure you that the only information that was obtained was your name and email address. As a result, it is possible you may receive some spam email messages. We apologize for any inconvenience.

Kroger wants to remind you not to open emails from senders you do not know. Also, Kroger would never ask you to email personal information such as credit card numbers or social security numbers. If you receive such a request, it did not come from Kroger and should be deleted.

If you have concerns, you are welcome to call Kroger’s customer service center at 1-800-Krogers (1-800-576-4377).

Sincerely,

The Kroger Family of Stores

If you wish to create or edit your online Kroger profile, please click here.

The Kroger Co.
1014 Vine Street
Cincinnati, OH 45202


(It was a nice touch to offer a link to create a customer account)
Posted by at No comments:
Labels: , , ,

Friday, April 1, 2011

9 Reasons to NOT buy an Iphone..

Very nice illustration from Mactrast on why the Iphone fails as a 5th generation device.. 

Posted by at No comments:

Send Kellie Wilson To Los Angeles

http://www.popsugar.com/Video-Scream-4-Contest-Finalists-15382210An old friend in Lexington has been a friend for quite awhile.  As a long time reporter for station affiliates in Lexington, she has a passion for news, and a knack for quality interviewing, and some big names have come to Central Kentucky for some serious horse racing and sports.

But she has a dark side.  She is a horror movie fanatic, just like me!!  

Kellie now has the opportunity to attend the Red Carpet Premier of Scream 4.  Not only that, she will have an opportunity to interview the cast.

Her audition video is by far the best, and I'm asking every single person that reads this, hit the website and vote KELLIE WILSON up to win this.  Send our Kentucky Girl to Los Angeles to be a part of something awesome. I bypassed the email sign up by just hitting the close button, it's not necessary to vote for her.  DO IT!!!  DO IT!!! DO IT!!!
http://www.popsugar.com/Video-Scream-4-Contest-Finalists-15382210

SUNDAY IS THE DEADLINE..  
Posted by at No comments:
Subscribe to: Posts (Atom)