The 8 largest information security breaches: Epsilon, 2011

In Information Security ByTeam Acumin / 29th August 2015

We all like to think that the correspondence we send each other and the information we allow service providers to hold about us is kept between the people involved, which is why it was a shock to many when it was discovered that there had been an internet security breach at Epsilon in 2011.

What happened?

In March 2011, Epsilon, a marketing firm based in Texas, revealed that databases holding information of approximately 50 of its clients, including seven Fortune 500 companies at the time, had been appropriated by cybercriminals.

How many records were accessed?

The exact number of records accessed in this information security breach is unknown, but it is thought to be somewhere in the region of 60 and 250 million.

Records accessed included the email addresses of around 60 million companies, which included big names such as Best Buy, Capital One, and Verizon.

How it happened?

The Epsilon security breach was set into motion when an employee working for the company received a phishing email. Unfortunately for all involved, that employee clicked on a dodgy link, which cybercriminals then used to access the employee’s credentials.

Once they had these credentials, they were able to gain access to the company’s databases, which they used to obtain not only email addresses, but the names and addresses of many of Epsilon’s clients.

What’s happened since?

This breach highlighted how easy it can be for cybercriminals to gain access to corporate databases. Since the breach was discovered, many companies, including big retailers, have come to understand that the data they collect from their customers can be breached at any time once it leaves them. This has led to these companies taking more of an interest in securing information as a direct result of this unfortunate event.