Tivo, Walgreens, Citi Amongst Others Hit By Epsilon Security Breach

Epsilon, a marketing firm acquired by Alliance Data which handles loyalty marketing of  several  big brands, was hit by a security breach.  This security breach resulted in infiltration of their email systems. Epsilon maintains that only a subset of their user data was harvested and as of now, only the email address and usernames were gathered.

Security Now which  initially reported that only  Kroger, United States’ largest traditional grocer was hit, now has confirmed that several big brands were also affected. Some of the brands hit include

  • Brookstone
  • Citi
  • Home Shopping Network
  • JP Morgan Chase
  • Kroger
  • Marriott Rewards
  • McKinsey & Company
  • New York & Company
  • Ritz-Carlton Rewards
  • The College Board
  • TiVo
  • US Bank
  • Walgreens

Epsilon’s  assessment has determined that no other personally identifiable information is at risk and are currently investigating the matter.

Citi tweeted about the breach with a link to the message on Citi’s site, calling upon users to be careful about phishing scams via email.


Please be careful of phishing scams via email. Statement from Citi for our valued Customers regarding Epsilon & email http://citi.us/dQuCp0less than a minute ago via CoTweet

TiVO has also issued a public interest message, maintaining that no Credit Card details and other such personally identifiable information was available to Epsilon and as such, such data is safe.

While it might be conceived that customer names and email address harvesting does not pose much of threat, such data in the hands of spammers is likely to result in a much more personalized phishing attack  attempts.

To be safe from phishing, never click on links or open email attachments from unknown sources. Remember: No one will ever ask to confirm your password/Credit Card details by entering them in a webpage!