Big Data Breach Grows

[Mousey]

You do not have permission to view link Log in or register now.

NEW YORK (Reuters) – The e-mails and names of customers of Citigroup Inc, Walgreens and other large U.S. companies were exposed in a massive and growing data breach, after a computer hacker penetrated online marketer Epsilon.

In what could be one of the biggest such breaches in U.S. history, a diverse swath of companies that did business with Epsilon stepped forward over the weekend to warn customers some of their electronic information could have been exposed.

Video recorder TiVo Inc, credit card lender Capital One Financial Corp and teleshopping company HSN Inc added their names to a list of targets that also includes some of the nation's largest banks.

Epsilon, an online marketing unit of Alliance Data Systems Corp, said on Friday that a person outside the company hacked into some of its clients' customer files. The vendor sends more than 40 billion e-mail ads and offers annually, usually to people who register for a company's website or who give their e-mail addresses while shopping.

"We learned from our e-mail provider, Epsilon, that limited information about you was accessed by an unauthorized individual or individuals," HSN, also an e-commerce operator, said in an e-mail to customers on Sunday.

"This information included your name and e-mail address and did not include any financial or other sensitive ....

Be prepared for more phishing emails and spam....

 

[lots0]

My son just got a notice in the mail last week from his health insurance company telling him their security was breached and all his(and about 550,000 other folks) personal and medical records are now in the hands of hackers.

They offered him identity protection for two years...

 

[Mousey]

My son just got a notice in the mail last week from his health insurance company telling him their security was breached and all his(and about 550,000 other folks) personal and medical records are now in the hands of hackers.

They offered him identity protection for two years...

It never ends, does it? The more we try to protect our personal information, the more companies demand it.

 

[vinylweatherman]

It means that it will get even HARDER for companies to convince us that the information they demand is "necessary".

It's not very good that they can get away with just "saying sorry" for much of the time. Laws need to be tightened so that a company has to demonstrate that it did everything it could to protect the data, as many cases are down to cost cutting by the companies concerned, and only paying for the minimum amount of protection they can get away with. Other laws should make companies have to demonstrate "necessity" before demanding a piece of information, and should be fined if they are collecting data that they don't HAVE to have by bullying the consumer into giving it.

Companies (and governments) really need to "get a grip", as the more this happens, the less we will trust them with our personal information, and the current business models that RELY on us being prepared to hand over this information will fail, and this will end up taking many businesses to the wall, unless they can adapt to making do with LESS of our information.

These are also big, and already well regulated, companies. Online casinos often have even MORE information about us than these companies do, yet want us to think their systems are 100% watertight. No way can this be true, and incidents like this are a big risk to the online casino industry, as people frightened to give their details to big retailers because of such breaches are going to be even MORE frightened of giving even more detailed information to online casinos licensed in some backwater jurisdiction like Curacao or Costa Rica.

This might explain the slowly growing trend among some players of giving false information in some "minor" data fields, such as phone number, since they don't trust that the information is secure, and want some way to protect themselves from an onslaught of "spam" through communication channels such as their phone, and even their mailbox. Such players have no intent to defraud the casino, but find their precautions get them into trouble when what they thought was a minor piece of information turns out to be used in a key verification step, which then fails - an example is the phonecall to confirm an account or deposit.