The breach felt 'round the Web (week in review)

Data breach affecting broad swath of consumers turns little-known Epsilon into somewhat of a household name. Also, big moves in online video and the U.S. government is on tech's case.

Michelle Meyers
Michelle Meyers wrote and edited CNET News stories from 2005 to 2020 and is now a contributor to CNET.
Michelle Meyers
5 min read

Last week, Epsilon was a little-known e-mail marketing firm, a behind-the-scenes player in the Web-marketing world. This week, it's held a prominent place in the headlines as the target of a massive data breach that exposed names and e-mail addresses for a broad swath of customers at dozens of prominent companies.

E-mails from the likes of Citibank, Chase, Capital One, Walgreens, Target, Best Buy, TiVo, TD Ameritrade, Verizon, and Ritz Carlton--have been flooding in-boxes since Epsilon announced its system had been breached. Some people (this writer included) have reported receiving as many as four of these warnings.

Watch this: Breach exposes clients' customer names, e-mail

Companies like Citibank and Walgreens are household names, but little was known about Epsilon and how it accesses customer data. But Epsilon is actually one of a growing number of firms that offer outsourced services to help companies attract and keep customers. In addition to offering e-mail marketing services and managing customer e-mail databases for clients, it monitors social networking and other sites to see what people are saying about a company, advises on markets to target, helps develop and maintain customer loyalty programs, and more.

Epsilon has apologized, but so far, the only key information it has provided about the incident is that names and e-mail addresses of a "subset" of its 2,500 customers were exposed in the breach, which was detected on March 30. It's unclear how many of Epsilon's clients and how many of their customers are affected, but a tally being kept at Databreaches.net was up to 57 today. Epsilon says it's working with federal authorities and outside forensics experts on the investigation and has reviewed its security protocols controlling access to the system and further restricted them.

Watch this: CNET to the Rescue Ep.41: Band-Aids for the Epsilon boo-boo

Later in the week, we learned that Epsilon partner Return Path, which offers e-mail monitoring services, had warned late last year that thousands of e-mail addresses were stolen in a broad phishing campaign that targeted e-mail service providers. While it is unclear whether Epsilon was affected by the phishing attacks last year or how it was compromised in the latest incident, there is some indication that this may not be the first data breach at the company.

Meanwhile, the Comodo hack from a couple of weeks ago, which let a hacker spoof digital security for Google.com, Yahoo.com, and other Web sites is still making news, as it prompts browser makers to rethink security.
• Comodo hack may reshape browser security"
• Comodo hacker says he's protesting U.S. policy
• Roundup: Behind Comodo hack, an insecure Web
• T.J.Maxx hacker says feds gave him the OK

More headlines

Google, DOJ sign deal to approve ITA acquisition

Justice Department will require Google to continue to license travel technology to rivals as part of its deal to acquire ITA Software. What's more, Google must provide arbitration for complaints about Google acting unfairly.
• Report: Google and DOJ close to ITA settlement

How mobile payments will work (FAQ)

NFC chips will let you pay for things with your phone instead of using cash or plastic. But when is this happening and what phones will work? CNET provides some answers on mobile payments
• Report: Sprint also planning mobile payment service

Alleged crackdown shows Android politicking

Google belatedly rejects the idea that it's reining in Android hardware partners. But where there's smoke, there are probably at least smoldering coals.
• Gartner: Android market share to near 50 percent

Justice Department opposes digital privacy reforms

Police investigations and "human life" would be jeopardized if search warrants were required for e-mail and location data, Justice Department official warns.
• Privacy dispute tests Obama's earlier promises
• How I nearly got scammed on Facebook
• Federal Web sites may go dark in shutdown

Lawmakers tell Google to do more on antipiracy

For the first time, Google answers questions publicly about its antipiracy operations and whether it looks the other way when it comes to intellectual property theft.
• FTC to investigate Google's search dominance

FCC approves controversial data roaming rules

The FCC has adopted rules that will require wireless operators to negotiate "fair and reasonable" roaming rates for wireless data services with competitors.
• White House pushes for incentive spectrum auctions
• Court tosses Verizon, MetroPCS suits against FCC

TI to buy National Semiconductor for $6.5 billion

Texas Instruments and National Semiconductor boards of directors have already approved the all-cash deal, which makes TI's sales force "10 times larger."

Watch this: Mobile apps accused of privacy violations

Pandora gets subpoena in grand jury app probe

Online music service Pandora has disclosed in a government filing that a grand jury has subpoenaed the company for a case involving mobile apps, though the company is not a specific target.
• Video: Mobile apps accused of privacy violations

Study: More TV viewers in U.S. 'cutting the cord'

By the end of 2011, some 2 million television watchers will have ditched their cable or satellite subscriptions, according to Convergence Consulting.
• Report: YouTube to offer original content
• YouTube opens up live streaming to partners
• Netflix acquires rights to stream 'Mad Men'
• Some indie studios wary of Netflix partnership
• Microsoft tries to polish Silverlight's future
• Flash use dipsat top Web sites

Dish Network to buy Blockbuster for $228 million

The satellite TV provider says it has won the bankruptcy court auction for Blockbuster, which it aims to re-establish as a leader in video entertainment.
• Films from 3 studios come to Dish streaming

Apple's iAds app found to bend App Store rules

An application released by Apple yesterday that lets users browse iAd campaigns and save ads they like has been discovered to be breaking Apple's own App Store guidelines.
• Bing's iPad app takes aim at Safari
• Report: Apple orders 12 petabytes of storage
• Report: iOS 4.3.2 coming soon

Businesses move ongreen tech sans D.C.

Despite a lack of policy direction, green-minded businesses are seeking out tech to improve efficiency while clean energies may scale up outside U.S.
• Bill Joy chases green-tech breakthroughs
• Microsoft and Toyota partner on smart-grid tech
• Microsoft tries plan B with Hohm energy app

A look at the all-new Commodore 64 (images)

See all photos

Google begins tablet version of Chrome OS

The browser-based operating system is headed for touch-screen tablets. But Chrome OS competes not just with Apple's iPad, but also Google's own Android OS for tablets.
• Google boots Grooveshark from Android Market
• Grooveshark 'surprised' by Google snub

Also of note
• HP suing former exec over theft of trade secrets
• Larry Page, here's your six-month plan
• Expedia to split into two companies
• With Virgin Oceanic, Branson plans to get deep
• SF gives preliminary OK to payroll tax break for Twitter

Updated April 11 at 11:08 a.m. PT to remove reference to American Express from list of companies affected.