CNET News Video
Breach exposes clients' customer names, e-mailSeveral large companies have warned customers that a security breach at marketing firm Epsilon has exposed names and e-mail addresses. CNET's Kara Tsuboi reports on the breach and what you can do to protect yourself.
-Best Buy, Walgreens, Kroger's Grocery, all companies who use Epsilon, an e-mail marketing firm, for their customer communication, and that was the system that was supposedly hacked. -This is pretty big, just because of the scope of the breach. -The list of compromised companies is up to 18, and includes major financial institutions like Capital One and Chase, retail stores like Brookstone, and hotel reward programs like Marriott and Ritz-Carlton. In a statement, Epsilon claims the information that was obtained was limited to e-mail addresses and/or customer names only. A full investigation is currently underway. A lot of the compromised companies send e-mails to their customers, explaining the security breach and reassuring them that their financial information is still secure, but, CNET's Declan McCullagh says a lot of damage can still be done with an e-mail address. -The problem is when you have a list of e-mail addresses and you have a list of names, then you can send customized phishing e-mails, saying, "Oh, please log in to update your bank account information," and if it has your e-mail address and it has your name, your inclined to trust it. -Dallas-based Epsilon works with more than 2500 clients and sends more than 40 billion e-mails every year, so the magnitude of this scandal may not be seen until the investigation is complete. -For CBS News, I'm Kara Tsuboi, CNET.com, in San Francisco.