On Friday, marketing company Epsilon announced that an unknown third party had broken into its e-mail system and gained access to the names and e-mail addresses of some of the companies which Epsilon performs services for. And so, over the past few days, Epsilon clients have been sending e-mail to their customers alerting them to the breach and its potential consequences.
I got this email from TiVo on Saturday:
I’m not sure why Marriott took longer to alert me to the news, or why it seems more confident than TiVo that I’m unlikely to suffer as a result of the breach. (Marriott says “in all likelihood” I won’t be impacted, and artfully tells me to worry about phishing spam without accepting culpability for any I might get; TiVo says there’s a chance the breach will lead to spam.)
At least both TiVo and Marriott apologize in their messages. Epsilon, whose slogan is the unfortunate “Marketing as Usual, Not a Chance,” doesn’t express any regret in its press release about the leak. Nor does it tell us consumers about any steps we should take in response to the break-in.
(I find it interesting that Epsilon’s About Us page does lots of bragging–but doesn’t say anything about protecting the data of the consumers who are customers of Epsilon’s clients. It might want to revise its boilerplate at some point.)
Epsilon says that only about two percent of its clients’ information was leaked, but judging from the chatter among my Twitterfriends, that two percent still adds up to a lot of customers of a lot of very large companies:
Have you received any Epsilon-related messages from companies you do business with?
UPDATE: I got an e-mail from 1-800-Flowers, too, but it got stuck in my spam filter. Here it is: