14 February 2016

Financial services firms caught up in massive Epsilon breach

04 April 2011  |  12405 views  |  2 anonymous figure in front of stock exchange

A massive data breach at US cloud marketing and communications outfit Epsilon may have exposed the customer e-mail addresses of some of the country's largest banks.

Epsilon, which sends 40 billion marketing e-mails annually, released a statement on Friday saying that on 30 March it detected an "unauthorised entry" into its system that exposed customer names and email addresses.

TD Ameritrade, US Bank, Citibank, JPMorgan Chase and Capital One are among a host of companies to have come forward over the weekend and admitted that customer names and e-mail contacts may have been leaked during the Epsilon attack. Financial utility groups MoneyGram and Visa were also on the receiving end of the raid.

The hacked data appears to be limited to customer names and electronic contact addresses. No personal information such as credit cards or social security numbers were accessed.

In a statement, JPMorgan says: "We are advised by Epsilon that the files that were accessed did not include any customer financial information, but are actively investigating to confirm this."

Either way, the incident is major embarrassment for Epsilon's banking clients who must contact customers and warn them to be wary of future marketing communications and potential phishing threats.

Barclays Bank of Delaware, which was also caught up in the incident, posted this message to customers: "It is possible you may receive spam email messages as a result which could potentially ask you for additional information about your account. Please note, Barclays will never ask you in an email to verify sensitive information such as your full account number, Username, Password or Social Security Number. Therefore, any email which does so should be treated suspiciously, even if it looks like it comes from Barclays. As a reminder, we urge you to be cautious when opening links or attachments from unknown third parties."

Comments: (2)

Martin Davies
Martin Davies - Causal Capital Pte Ltd - Singapore | 04 April, 2011, 13:49

This is appaling and Epsilon should pay damages for this breach of trust and security. The banking system is fragile enough without clowns like this managing information on behalf of customers.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
A Finextra member
A Finextra member | 05 April, 2011, 13:51

Is this not a problem that is germane to 'cloud' - an archipelago of shared services facilities?

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)
Log in to receive notifications when someone posts a comment

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board, sign up now.

Related stories

04 April, 2011
31 March, 2011
01 March, 2011
21 February, 2011
15 February, 2011
19 November, 2010
02 September, 2010
01 July, 2010
06 May, 2010
29 April, 2010
13 April, 2010
15 March, 2010
02 March, 2010
13 January, 2010

Related company news


Related company information

JPMorgan Chase

Top topics

Most viewed Most shared
UK sets out open banking API frameworkUK sets out open banking API framework
16981 views comments | 108 tweets | 91 linkedin
Deutsche Bank calls for co-operation with fintech firms on B2B servicesDeutsche Bank calls for co-operation with...
9463 views comments | 31 tweets | 30 linkedin
How to accelerate your fintech startupHow to accelerate your fintech startup
9165 views comments | 36 tweets | 10 linkedin
Is Paym a failure?Is Paym a failure?
7506 views 17 comments | 23 tweets | 16 linkedin
Visa issues API to offer consumer control over card transactionsVisa issues API to offer consumer control...
6788 views comments | 17 tweets | 28 linkedin

Featured job

to $120K base, double OTE, benefits
New York City, NY or Boston, MA (USA)

Find your next job