In March 2011, Epsilon, one of the world’s largest email marketing service companies, suffered a major security breach that exposed the names and addresses information of Epsilon clients’ millions of customers. Epsilon had stressed that no financial information was stored in the database and the only information obtained were names and emails of customers. Although the Epsilon attack was not severe, the emails the hackers accessed could be used for spam and targeted phishing attacks.
While only email addresses might not be particularly susceptible, experts said that if hackers can connect emails addresses with names and a business like a bank, they could create customized attacks to trick people into disclosing more confidential information,
…show more content…
Epsilon was investigating the database breach and identified companies that were affected by the breach. As a result, Epsilon’s clients were forced to issue warnings to their customers about the breach, warning them to be aware of subsequent spam and phishing attacks as a result of the disclosing of email addresses.
4) Safeguards the company implemented since the breach.
Epsilon added new security enhancements to its email marketing platform in collaboration with Verizon Business. The new features included enhanced protection for Epsilon 's information technology (IT) infrastructure and the ability to track malicious IP addresses.
Epsilon also launched restrictions on access through its IP certification requirements that would allow only white-listed IP addresses access to Epsilon 's email platform. An anti-phishing solution that could find a way to differentiate between legitimate and fraudulent messages and monitor frauds across email domains.
The IT protection feature combines intelligence from Verizon 's global-IP network, Internet traffic data, and breach statistics data. The service will run on a custom cloud. Verizon 's malicious IP address tracking enabled Epsilon to identify and mitigate “electronic crimes in motion,” according to a company