I’m Getting E-Mails From Epsilon’s Clients. Are You?

By  |  Tuesday, April 5, 2011 at 11:09 am

On Friday, marketing company Epsilon announced that an unknown third party had broken into its e-mail system and gained access to the names and e-mail addresses of some of the companies which Epsilon performs services for. And so, over the past few days, Epsilon clients have been sending e-mail to their customers alerting them to the breach and its potential consequences.

I got this email from TiVo on Saturday:

And here’s one I got from Marriott today (despite the date):

I’m not sure why Marriott took longer to alert me to the news, or why it seems more confident than TiVo that I’m unlikely to suffer as a result of the breach. (Marriott says “in all likelihood” I won’t be impacted, and artfully tells me to worry about phishing spam without accepting culpability for any I might get; TiVo says there’s a chance the breach will lead to spam.)

At least both TiVo and Marriott apologize in their messages. Epsilon, whose slogan is the unfortunate “Marketing as Usual, Not a Chance,” doesn’t express any regret in its press release about the leak. Nor does it tell us consumers about any steps we should take in response to the break-in.

(I find it interesting that Epsilon’s About Us page does lots of bragging–but doesn’t say anything about protecting the data of the consumers who are customers of Epsilon’s clients. It might want to revise its boilerplate at some point.)

Epsilon says that only about two percent of its clients’ information was leaked, but judging from the chatter among my Twitterfriends, that two percent still adds up to a lot of customers of a lot of very large companies:

Have you received any Epsilon-related messages from companies you do business with?

UPDATE: I got an e-mail from 1-800-Flowers, too, but it got stuck in my spam filter. Here it is:




12 Comments For This Post

  1. Keith Shaw Says:

    We've received e-mail from Disney Destinations, one of the companies affected.

  2. wrenegade Says:

    Walgreens, Target and Wells Fargo

  3. Kay Says:

    CollegeBoard. Seriously.

  4. Rob Says:

    Got notice about Epsilon from bodybuilding.com

  5. Otto Nordpol Says:

    Forget it Harry, it's Chinatown (in the 1974 Roman Polanski movie sense of the word). I.e. normal standards of product/service warrantability and liability don't apply because it has something to do with computers. Why else do we tolerate shoddy software, computers that crash, and services that issue a supercilious "My bad." anytime someone hacks into customer data? Price of progress, right?

  6. The_Heraclitus Says:

    Haven't received anything. Amazing that Epsilon's CIO has no clue about securing data at rest.

  7. traveller Says:

    I got a note from Best Buy and Chase – but interesting, though BarClays is listed in the ones affected, I got no letter at all from them.

  8. GadgetGav Says:

    I've had the one from TiVo. My wife has had many more.
    What's gets me is that we thought we were signing up with these separate companies who we wanted to do business with and behind the scenes they were just handing it all off to some third party that normally we'd never get to hear about. I know it's naive to think that anyone does their own back office stuff these days, but it should be the frontline companies (TiVo, Marriott, Target, etc) who are on the hook for any customer compensation. They picked a flaky marketing "partner" – they should have to make good any mistakes.

  9. Jose Says:

    I got an email from Citi about this.

  10. Lino Says:

    air miles as well

  11. Paul Vessey Says:

    Everyday there seems to be more and more breaches.

  12. Paul Vessey Says:

    This is a good example of reputation management done right and done wrong. In an event of an unauthorized access to a company's data, they need to inform their clients and customers as soon as possible. Failure to address their concerns could lead to a PR nightmare.