Yeah, I had two consecutive emails in my inbox - one from US Bank telling me about the security breach from Epsilon, and another one from “FedEx” which I haven’t even opened because it looked suspicious (and because I’m not expecting a package).
The article that kanicbird linked gave the example that Citibank used them for customer rewards programs - which suggests that some account info is sent to Experion in certain circumstances, though they’re saying “only” names and E-mail addresses were involved in this leak.
Also, the Benefit cosmetics company said their customer info was leaked even though they no longer work with Experion, meaning that the company hangs onto old data after other companies are no longer using their services.
Yeah I got emails from Best Buy, Target and Chase.
I have been getting spam that I know is related to the Epsilon thing, on an account that did not get a notice from anyone. I suspect that the email address used to be used for Citi and was still in their data but not on their “active customer” list, so they won’t send me a notice.
Like Ferret Herder I’m peeved that my non-spam email address is “out there”.
I got a notice from Chase. I also got one from Hilton Honors, which is suprising since I closed my account with them 3 years ago.
:smack: Please insert “Epsilon” in place of “Experion.” I can’t even blame autocorrect for that.
Not to point a finger at blondebear, others have said the same thing, but why are people surprised that Epsilon never deletes an email address? These days, it’s all about data. The more, the better. Change the “active account” flag from yes to no, and Epsilon, Hilton, Target, Chase et al. still gets to keep the list of email addresses. I’m sure the reasoning is “Who knows, some day we might be able to make money off this list.”
I’m also surprised by the number of people who give out their “no spam” email address to any company. I’ve got an email address that I hope never to have to change. Only friends and family get it, and I fiercely guard it. There is a second email address for companies I trust. I assume it will be leaked at some point. Email address 3 is all other uses.
Yep, got two notices myself. I know, from having seen the list of companies the Epsilon works with, that several more companies on the list have my email address, so I don’t know whether it was an incomplete hack or whether certain companies are just slower on the uptake.
No spam yet, that I know of, but it’s not my time of the week to clean out my spam filter.
ETA re TastesofChocolate: yes, these are all to the email address I consider my “spam” email, so if they want to spam it eventually, fine. I’ll just shut it down.
Nothing yet. I am a USBank customer, though, so I expect some message from them regarding the whole mess.
From Best Buy, but no spam yet. Yahoo actually gets far more false positives in spam id than false negatives.
As far as break-ins go, this is pretty minor. It is a good opportunity to warn about phishing. My work email is on the web in various places, so it is not like I don’t get this stuff anyway.
I’ve gotten notices from Citi, Best Buy, Restoration Hardware, Tivo, and one other company that I can’t remember right now. Like many others in this thread, I had given these places my “good” email address. I haven’t seen any spam yet.
Chase
Hilton Honors
1-800-FLOWERS
have all emailed me so far.
I gave Chase my E-mail address because prior to my getting a smartphone, I wanted them to have very easy-for-me-to-check ways for them to contact me. (Now I have an app for that.)
I don’t exactly remember why I gave Target that address but I’ve never even received a promotional e-mail from them, only shipping notifications when I’ve mail ordered.
Frankly, I’ve had more problems with friends and relatives sending me spammy stuff at that address - for the love of all that’s holy please learn to Bcc, and check Snopes first! - than I have with the companies who I did give my “main” e-mail address. So far.
I received notices from Chase and Kroger. I give each company a unique e-mail address, so I’ll know if I get spam to any addresses that were stolen from Epsilon. There have been no attempts to deliver emails to those addresses except the warnings by the companies themselves.
Walgreens
Best Buy
Chase
Target
1-800-FLOWERS
I think that’s it. Oy.
the phishing may wait until it is out of the headlines and out of people’s minds.
Just got another one from www.crucial.com
Don’t give your real email address to companies. Instead, use one of the many services on the web which allow you to create on-the-fly email addresses so you can give each company a unique address. Then if the company starts spamming you or its email database gets hacked, you can just disable the address.
One I like is spamgourmet.com. You create a unique id (e.g. spongebob) and then you can create addresses on the fly. For example, maybe I sign up here with the email sdmb.20.spongebob@spamgourmet.com. Any emails sent to that address are forwarded to my real address. If the SDMB gets hacked, I just cancel the sdmb.20.spongebob address and I don’t get anymore spam.
Is there an option to get unlimited e-mails from each address, like if I actually want to hear from them? And can you see all of your spamgourmet e-mails at once, or do you have to retrieve each subset separately?
Re: spamgourmet.
**Is there an option to get unlimited e-mails from each address, like if I actually want to hear from them? **
You can set an exclusive sender for each email address. So I could say that unlimited emails can be sent to sdmb.20.spongebob from the sdmb.com domain. This allows the sdmb.com servers to send unlimited emails to that address, but other sites are limited.
And can you see all of your spamgourmet e-mails at once, or do you have to retrieve each subset separately?
The emails are not kept on spamgourmet’s servers. It’s a mail forwarding service. All emails will be forwarded to your real email address (e.g. therealme@gmail.com).
Is there anyone else who hasn’t been affected? My spam count has always been low, and it hasn’t increased in the slightest. It’s as if nobody has it.
And while I now only use my real email in real life, I handed it out all the time early on.