Did you ever have that feeling that something is going on, but you don’t quite know what it is? I had that inkling early this morning when I checked my e-mail and saw an enormous list of messages from companies that rarely, if ever, send me email. For the most part, I am one of those who always checks (or unchecks) the box to subscribe for online helluvadeals from “us or our partners,” so I don’t get a lot of that.
Today, however, I discovered that even those companies that don’t send me regular newsletters or sales promos still give out my email address. I know that because many of them wrote to apologize. Oh, yes, and to warn me that my information had been compromised.
A quick Google search gave me the answer:
A security breach that exposed the email addresses of potentially millions of customers of major U.S. banks, hotels and stores is more likely than traditional scams to ultimately trick people into revealing personal information.
Security experts said Monday they were alarmed that the breach involved targeted information -- tying individuals to businesses they patronize -- and could make customers more likely to reveal passwords, Social Security numbers and other sensitive data.
At least security experts already have a term for the new type of Internet security fraud that is sure to follow – spearphishing. According to David Jevans, chairman and founder of the nonprofit Anti-Phishing Working Group,
criminals have been moving away from indiscriminate email scams, known as "phishing," toward more intelligent attacks known as "spear phishing," which rely on more intimate knowledge of victims.
“This data breach is going to facilitate that in a big way," said Jevans, also CEO of security company IronKey Inc. "Now they know which institution people bank with, they know their name and they have their email address."
The information could also help criminals send highly personalized emails to victims. Doing so makes the email more likely to get past a spam filter.
All I can say is a Dallas marketing firm called Epsilon must be doing one hell of a business – 2,500 business clients, according to the Boston.com article. In addition to major financial players like CitiGroup, Capitol One, JPMorgan Chase and US Bancorp, companies ranging from retailers Best Buy, Ethan Allen, HSN, Walgreens, and Krogers to hoteliers like Hilton and Marriott. But that’s not all:
The College Board, the not-for-profit organization that runs the SATs, also warned that a hacker may have obtained student email addresses.
Of course, Epsilon insists they have conducted a “rigorous” examination of the incident and “assure” consumers that no other data were compromised. All that tells me is that, in addition to email addresses, a company that is supposed to just be a distributor of email messages also has access to other personal information about the clients of their customers.
This comes on the heals of a major security breach at Bank of America on March 5, which resulted in BoA having to notify its customers and re-issue credit cards with new numbers. And there are many more instances, of course. If you would like a complete updated list of security compromises, check out the Chronology of Data Breaches from 2005 to the present at the Privacy Rights Clearinghouse. Bookmark it – it is a good site to check regularly.
So be aware – and be wary. Never, never, never respond to email requests for information, no matter who they are from. If you think it is important, call the party involved – but DO NOT use the phone number provided in the email. For more expert information on what to do if you suspect a security problem, check out How To Deal With A Security Breach.
We have so many insightful and powerful diaries written here at Daily Kos. Our diaries inform, inflame, impassion, and even entertain. We Kossacks have strong voices and an even stronger will to be the change we wish to see in this country.
One of the richest, and perhaps most under-appreciated, areas of thought come in the form of comments attached to these diaries.
Here at Top Comments we strive to recognize and promote the talent of this community by highlighting outstanding comments found throughout the day by the diarist, and through nominations by other Kossacks. So when you find a comment that enlightens, entertains, or encourages, send it to:
topcomments at gmail dot com.
Comments should get to the inbox by 9:30 EST to be included that day (but we will carry over later ones). Don’t forget to include your Dkos screename, a link to the nominee, and a brief comment about why you think it is a Top Comment.
Tonight’s Top Comments . . .
From
CA coastsider
In RogerShuler's diary about conservative columnist John Archibald, cskendrick had a telling reply: A man who does not know he's bankrupt cannot possibly know he's morally bankrupt.
From
lineatus
In response to
this comment, indiemcemopants does an excellent job of summarizing in sdelear's Breaking: Supreme Court Overturns Borwn v. Board.
From
sardonyx:
In Richard Lyon's diary on Yemen, after auron renouille is more worried that there might not be a next government than what a next one might look like, and draws a parallel between Yemen and Somalia, when UnaSpenser asks for more information about the similarities between the two countries, auron obliges.
From bronte17:
Some snark blunt honesty from Pandoras Box where we go from "too big to fail" to “too big to fix” syndrome in the excellent diary Thirty Years is Long Enough by Jennifer Brunner.
From
me
assyrian64 asks a pertinent question: "Who is the biggest asshole governor?" in Dash Riprock's excellent diary, US Labor Department Demands Maine Mural Refund! The proposed list prompts a nomination war downthread, complete with additions to the list.
voroki points out the personal responsibility exhibited by GOP tool John Archibald and touches off an hilarious thread exploring the many hints he ignored that he had declared bankruptcy -- from his signature in several places on the documents to losing his house -- prompting G2geek to write a theme song for Archibald in RogerShuler's Conservative Bomb Thrower Has A Bomb Explode in His Lap.