X

Breach exposes Chase, Capital One, TiVo customers

Epsilon, which manages e-mail communications for TiVo, JP Morgan Chase, Capital One Financial, the Kroger grocery chain, and other clients, says it suffered a security breach that revealed data on some of its clients' customers.

Edward Moyer Senior Editor
Edward Moyer is a senior editor at CNET and a many-year veteran of the writing and editing world. He enjoys taking sentences apart and putting them back together. He also likes making them from scratch. ¶ For nearly a quarter of a century, he's edited and written stories about various aspects of the technology world, from the US National Security Agency's controversial spying techniques to historic NASA space missions to 3D-printed works of fine art. Before that, he wrote about movies, musicians, artists and subcultures.
Credentials
  • Ed was a member of the CNET crew that won a National Magazine Award from the American Society of Magazine Editors for general excellence online. He's also edited pieces that've nabbed prizes from the Society of Professional Journalists and others.
See full bio
Edward Moyer
2 min read

Epsilon, which manages e-mail communications for TiVo, JP Morgan Chase, Capital One Financial, US Bank, the Kroger grocery chain, and other clients, said this week that it suffered a security breach that revealed data on some of its clients' customers.

 

Epsilon, which says it sends 40 billion e-mails annually, released a statement yesterday saying that on March 30 it detected an "unauthorized entry" into its system that exposed customer names and e-mail addresses. The company said "no other personal identifiable information associated with those names was at risk."

Bloomberg reported that an Epsilon representative would not say how many other clients might be affected, citing an ongoing investigation.

TiVo, meanwhile, issued a release that reiterated Epsilon's statements and added that "Epsilon does not have access to service information or credit card details and all such personally identifiable information remains secure."

Both Chase and Capital One posted notices about the breach on their Web sites, and both said financial data, and any other data apart from names and e-mail addresses, did not appear to be at risk.

And CNET received a reader-forwarded e-mail that appeared to be from the Kroger company (which also operates the Ralphs supermarket chain, along with many other stores). The message mentions the breach and warns recipients that they might be receiving spam e-mail:

"Kroger wants to remind you not to open e-mails from senders you do not know," the e-mail says. "Also, Kroger would never ask you to e-mail personal information such as credit card numbers or social security numbers. If you receive such a request, it did not come from Kroger and should be deleted."

Both Chase and Capital One issued similar cautions in the statements on their sites.

CNET's Steven Musil contributed to this report.