The Oopsilon incident
We keep getting email messages from all sorts of folks with whom we normally deal, warning us that they gave our email address to an outfit called Epsilon, and Epsilon lost it. So now we might get a bunch of shady phishing emails, and we should be careful giving out our personal information.
So what else is new? We get phishing attempts pretty much every day, even without Epsilon screwing up. The bigger question is why the people we normally deal with are giving out our email address to begin with. We've never heard of Epsilon before this, and we don't want our address being handed to people we don't know. There ought to be a way we can check a box on a form somewhere so that it doesn't happen.
Comments (12)
Is it Epsilon that is doing the phishing?
Posted by Snards | April 6, 2011 6:58 PM
Lets see, Epsilon got mugged and robbed, and it's their fault?
Hmmmm. Is it a rape victim's fault that she got attacked?
Faulty logic, Jack.
Posted by Nonny Mouse | April 6, 2011 7:30 PM
First of all, any company providing that kind of service knows that they are a target for hackers so therefore they have a duty to take precautions not to get hacked. And usually when hacking is successful, it's because of stupidity and lack of due diligence.
Jack, the only way to be safe is not to give your email address to any company since most companies have relationships with other companies be provided with IT services.
Posted by LucsAdvo | April 6, 2011 7:38 PM
I got notice from Walgeens my pharmacy, about Epsilon, a company they use to send emails to the customers. They do all the high tech (and apparently low security)of sending an auto email when a medication is requested, another if it is delayed then more to tell you when its ready then threaten you if you don't pick it up in a day or too. They also email you when its time to refill.
They say they are the world’s largest global permission-based email provider. That means you can opt out,and it is used by businesses that you want to communicate with.
Posted by dman | April 6, 2011 7:42 PM
They say they are the world’s largest global permission-based email provider. That means you can opt out
Really? How is that? Never buy a prescription drug? Don't have a 401(k)?
I've never heard of Epsilon before this. I should have.
Posted by Jack Bog | April 6, 2011 8:19 PM
I think perhaps this CNET article answers some of your questions:
Who is Epsilon and why does it have my data?
http://news.cnet.com/8301-27080_3-20051038-245.html#ixzz1Inv94Mvs
Posted by k2 | April 6, 2011 8:26 PM
Time for a do-not-email registry?
Posted by Molly | April 6, 2011 9:51 PM
I saw that notice, and was taken aback by the advice to "....be careful giving out our personal information". Do they ever proofread anything first?
Posted by John Rettig | April 6, 2011 10:21 PM
Clearly, Epsilon didn't handle its security right. But I'm not sure that anyone "needed" to know that they were a vendor to somebody that you were a customer of.
Let's say you're a customer of Walgreens, as "dman" says he was. Walgreens customer data is going to be accessed by a number of outside vendors - including their email broadcasting provider, their database administrator, various finance consultants and administrators, outside auditors, government regulators, etc.
The bottom line is this: If you were a Walgreens customer, and they used Epsilon to send you emails, and Epsilon screwed up... it's Walgreens that you should be mad at. They clearly didn't do the due diligence necessary to protect your info. They're going to try and shuck and jive and say it's Epsilon's fault - but your relationship is with Walgreens.
Of course, you can pretty much expect that Epsilon is going out of business now -- when you've got half the Fortune 1000 mad at you, well, that's not a successful business strategy.
Posted by Kari Chisholm | April 7, 2011 1:17 AM
"Of course, you can pretty much expect that Epsilon is going out of business now -- when you've got half the Fortune 1000 mad at you, well, that's not a successful business strategy".
Right, after all giving out access to personal info devastated Google and Facebook.
Posted by Moley Russel's Wart | April 7, 2011 2:58 AM
The bastards got my e mail address and my e mail contacts and sent this to all of them: Phil,
I would have talked to you about it earlier but at least I am telling you now. You won't believe the length of time I anxiously waited to become who I am today. I are able to definitely buy stuff once again. It truly is crazy thinking about how long I've struggled to manage finances when this was available this entire time. Despite present day's economic condition, there has been quite a lot of people making money using the web. You're going to get the hang of it all almost immediately and then get caught up to me within a couple weeks, just wait. I can not wait to meet you once again and tell you a lot more. Give it a try and if this does not work for you, I will hook you up with a sweet new ps3 and games. You'll start to see how simple and easy it really is to get onward. You're a lot more ready than I am and I'm making money, and so there is no good reason that you can not just be doing the same thing. http://hhy22ga.newsreportchan03.com/ Whaddaya think, Phil, do you think you're prepared for something new?
Posted by Bill Gallagher | April 7, 2011 7:10 AM
...Why not have a cloud domain email (gmail, yahoo) that you use expressly for registering online. You can check it once a month to see if there are any *important* notices from Walgreens or wherever. Or hook it into your Outlook or email manager and check it more frequently if you like the sales pitches. And when an Epsilon drops the ball (inevitable), all you have to do is create another account. You can sleep at night.
Posted by Mark Mason | April 7, 2011 9:18 AM