A massive personal data security breach has prompted a warning from the Iowa Attorney General’s office. Spokesperson Geoff Greenwood says email marketing provider Epsilon Data Management of Irving, Texas recently disclosed that someone hacked into their system.
Epsilon’s clients include some the nation’s largest companies – including Citigroup, Capitol One, Best Buy and Walgreens. “We know that a lot of people have been affected by this and it’s perhaps one of the nation’s largest confirmed personal data security breaches we’ve seen,” Greenwood said.
Epsilon has not been able to determine who stole the personal data or why the stole it, but officials say the hacker only obtained customer names and email addresses.
“So, it’s good that it doesn’t involve more personal information like account numbers of social security numbers,” Greenwood said. “But even with a name and an email address, there’s still the potential for danger here, so that’s why we’re alerting Iowans.” Greenwood says consumers could be at risk of receiving spam emails, which mask the true sender.
Phishing scams are also possible – emails which appear to be legitimate communications from a company requesting personal information. “We’re telling Iowans to be wary of emails that are asking for personal information,” Greenwood said. The federal Internet Crime Complaint Center offers a the following tips to consumers confronted by suspicious emails:
· Be suspicious of any unsolicited email requesting personal information.
· Avoid filling out forms in email messages that ask for personal information.
· Do not click on links or images embedded in unsolicited e-mails, as doing so can launch malicious software. Always compare the link in the email to the link that you are actually directed to.
· Log on to the official website, instead of “linking” to it from an unsolicited email.
· Contact the actual business that supposedly sent the email to verify if the email is genuine.
· Ensure a site is secure and reputable before providing your credit card number online.
· Don’t trust a site just because it claims to be secure.
· If purchasing merchandise, ensure it is from a reputable source.
· Promptly reconcile credit card statements to avoid unauthorized charges.
· Do your research to ensure legitimacy of the individual or company.
· Beware of providing credit card information when requested through unsolicited emails.
· Don’t open spam. Delete it unread.
· Never respond to spam as this will confirm to the sender that it is a “live” email address.
· Have a primary and secondary email address – one for people you know and one for all other purposes.
· Avoid giving out your email address unless you know how it will be used.
· Never purchase anything advertised through an unsolicited email.
· Use a firewall on your computer
· Get the latest computer updates for all installed software
· Use current antivirus software and get regular updates
· Protect against social engineering attacks (phishing attacks that appear to come from friends, for example…)
