‘Massive’ data security breach strikes JPMorgan Chase, Kroger, possibly others

security-breach-hack-hackers-epsilon

What’s being described as a “massive” security breach at email marketing firm Epsilon has compromised the customer names and emails of some of the largest companies in the US, including seven of Fortune’s top 10 institutions, reports SecurityWeek.

Epsilon reportedly sends out 40 billion emails each year for more than 2,500 clients. SecurityWeek reports that clients of Epsilon affected by the infiltration include: TiVo, US Bank, JPMorgan Chase, Verizon, Capital One, Marriott Rewards, Ritz-Carlton Rewards, Citi, Brookstone, McKinsey & Co., New York & Co, Kroger and Walgreens.

Epsilon has refused to confirm the full list of companies hit by the breach. But the company tells Reuters that it is “cooperating with a number of authorities now, so I don’t know how long it (the investigation) will take.”

According to SecurityWeek, the data breach has put some customer email addresses of the second largest bank in the US, JPMorgan Chase, and the email addresses and names of Kroger, the largest grocery store chain in the country, in the hands of hackers.

“On March 30th, an incident was detected where a subset of Epsilon clients’ customer data were exposed by an unauthorized entry into Epsilon’s email system,” Epsilon said in a statement on Friday. “The information that was obtained was limited to email addresses and/or customer names only.”

Kroger sent out an email to customers letting them know that names and email addresses had been stolen, and to warn them that they may receive “phishing” emails as due to the Epsilon breach.

“As a result, it is possible you may receive some spam email messages,” Kroger said in the email. “We apologize for any inconvenience. Kroger wants to remind you not to open emails from senders you do not know. Also, Kroger would never ask you to email personal information such as credit card numbers or social security numbers. If you receive such a request, it did not come from Kroger and should be deleted”

SecurityWeek extends the possibility of phishing attacks to any company affected by the database break-in.

The situation for Chase and Citibank could potentially be more problematic. Epsilon manages the loyalty programs from Chase and Citi credit card customers. According to Computerworld, this includes information that may “be extremely valuable to criminals looking to steal banking information in phishing attacks.”

Chase said in a statement that it is “actively investigating to confirm” that, aside from email addresses, no other personal information was acquired by the hackers. The bank also tells Reuters that a “full investigation” is underway.

Citi released a statement via Twitter. The tweet read: “Please be careful of phishing scams via email. Statement from Citi for our valued Customers regarding Epsilon & email.” A link to a full statement was provided, which also warned customers of phishing attacks.

(Image via)

Social Media

Facebook says it unintentionally uploaded email contacts of 1.5 million users

Facebook says that over the last two years it unintentionally uploaded the email contacts of 1.5 million users as they signed up to the social networking service. The process has ended and the email addresses are being deleted.
Mobile

The Department of Justice may prevent the T-Mobile-Sprint merger

T-Mobile and Sprint are getting closer to merging. After a few failed attempts, the two companies announced their merger at the start of 2018. The new T-Mobile could be better positioned to take on the likes of Verizon and AT&T.
Computing

Microsoft says hackers were able to view Outlook.com emails

Microsoft's Outlook.com email platform saw a massive breach that caused confidential data to be accessed by hackers for months. It now appears the problem might have been much worse than initially thought, and worse than Microsoft admitted.
Computing

Hackers broke into Outlook.com using worker’s credentials, Microsoft says

Microsoft's web-based email services were the target of a security beach. Using a customer support agent's credentials, hackers were possibly able to access email addresses and subject lines, but fortunately not their content.
Computing

Mueller report releases on CD, forces Congress to find PCs with disc drives

The Mueller report was released this week to Congress via CDs and congressional members had to find PCs with working disc drives to access the 400-page document. The redacted report was also released to the public on a website.
Gaming

Kick off your streaming career with our complete guide to Twitch broadcasting

Streaming games on Twitch for the first time can be daunting to say the least, but with a few simple steps, it's remarkably easy to do. Here's how to do so using a PC, Mac, Xbox One, or PlayStation 4 console.
Computing

Google Chrome will get a Reader Mode for distraction-free desktop browsing

If Google's testing of Reader Mode on the Chrome Canary desktop browser is successful, soon all Chrome users will gain access to this feature. Reader Mode strips away irrelevant content on a webpage for distraction-free browsing.
Computing

Former student uses USB Killer device to fry $58,000 worth of college’s PCs

A former student used a USB Killer device to short circuit more than $58,000 of computers at a private New York college earlier this year. The student pled guilty to the charges and sentencing is scheduled to begin in August.
Computing

AMD Ryzen CPU prices get slashed ahead of Ryzen 3000 release

AMD's Ryzen CPUs have had their prices slashed as we edge towards the release of their third generation. Whether you're a gamer or someone who needs multi-threaded performance, there's a deal for everyone with some heavy discounts to take…
Computing

The number pad on HP’s Chromebook 15 makes spreadsheet work a breeze

HP's Chromebook 15 comes with a 15.6-inch display, a metal keyboard deck with full-size keys, and a dedicated number pad, making it the second Chromebook model, following Acer's Chromebook 715, to be suited for spreadsheet work.
Computing

Worried about your online privacy? We tested the best VPN services

Browsing the web can be less secure than most users would hope. If that concerns you, a virtual private network — aka a VPN — is a decent solution. Check out a few of the best VPN services on the market.
Computing

Gaming on a laptop has never been better. These are your best options

Gaming desktops are powerful, but they tie you down to your desk. For those of us who prefer a more mobile experience, here are the best gaming laptops on the market, ranging from budget machines to maxed-out, wallet-emptying PCs.
Computing

Here's how you can download the best free music players for your Mac

Tired of your Mac's default music player? Take a look at our picks for the best free music players available for your Apple rig. Whether you're a casual listener or an audiophile, you're sure to find something that fits your needs here.
Computing

Want to make calls across the internet for less? Try these great VOIP services

Voice over IP services are getting more and more popular, but there are still a few that stand above the pack. In this guide, we'll give you a few options for the best VOIP services for home and business users.