Chris Straw
SHARE:

Epsilon Data Breach

April 5, 2011 by Chris Straw

As I continue to get emails from companies stating my information may have been compromised, I think to myself, “Are people really comprehending the magnitude of the data breaches in today’s world?” Sure, it was just emails (they think), but point is that they were released my information without permission.

What’s the risk? ?Well, more SPAM of course. ?Being the?technology?field, I am very cautious about what I open and don’t, but there are a lot of people out there that do fall for these scams (Nigeria…., make $5,000 just to…, etc.). ?My mother-in-law was one of those people. ?She lost $3,000 to a scam. ?A life lesson, I hope, she learned the hard way. ?If she would have only asked me, I would have saved her a lot of heart burn.

As a software architect, it’s my job to ensure that every possible measure is in place to prevent data from being compromised. ?Sure, there’s not a 100% hacker proof system (and if someone tells you that, they are lying), but you can put up many doors and locks to frustrate them, making them move on.

The Epsilon attack appears to be done from an outsider and those attacks are the ones most IT professionals (developers and network engineers) seem to focus on. ?The other side to this is an attack from within the company (someone who works for you). ?The rules for known or internal users seem to be less stringent. ?I consult development and network teams that internal and?external?threats have the same magnitude.

So, what should you do about it?

  • Don’t open email from someone you don’t know.
  • Don’t open attachments were not expecting, this includes people you do know
  • Companies will never ask you to give sensitive information, such as usernames, password, social security number, date of birth, etc.) over the phone or email. ?If you do get a request and not sure, just call the company directly using the contact information from the company’s website.
  • Don’t click on any links within an email. ?Tip: You can also hover over the link and a?tool-tip?will appear with the details of the link. ?If you don’t?recognize?the URL or in doubt, don’t click it.Email Link Tooltip
  • Don’t download the pictures within the email until you verify its from a trusted source
  • Look at the email address the email was sent from (this isn’t 100% accurate, but something to check)

I hope some of the tips help.

Written by

Chris Straw