Epsilon Breach Responsible for New Spam Campaign and More

A new spam campaign is believed to be linked to last month’s data breach at Epilson. Recently a wave of spam messages hawking Viagra and male enhancement products has been hitting the inboxes of some customers who were affected by the breach. The company, which handled email marketing for many of the U.S.’s biggest companies, announced that their servers had been broken into early last month. Millions of names and email addresses were stolen. It’s not surprising that those affected are starting to see spam, and it’s very likely a spear phishing attack may be next. The hackers got access to enough information to put together a very targeted and very convincing attack.

A concern about compromised medical information has also arisen as the result of the breach. Drug company GlaxoSmithKline was among those whose customer lists were compromised, but in their case, the information included the prescription and non-prescription drug sites those customers were registered on. That info could make it easy to figure out what medical conditions they suffer from. Whether this would be considered a HIPAA violation is unclear and probably unlikely, but it is worrisome. The company makes drugs used to treat everything from constipation to HIV. When they found out about the breach they sent a letter to all of their affected customers letting them know. It would not surprise me one bit if that group of customers started receiving spam hawking various online pharmacies and fake prescription drugs and supplements using the drug sites they were registered on to tailor them.