Tucson News Now‘Massive’ data security breach strikes JPMorgan Chase, Kroger, possibly others

 

‘Massive’ data security breach strikes JPMorgan Chase, Kroger, possibly others

Updated:
The data breach has put some customer email addresses of the second largest bank in the US, JPMorgan Chase, and the email addresses and names of Kroger, the largest grocery store chain in the country, in the hands of hackers (© Comstock / Thinkstock) The data breach has put some customer email addresses of the second largest bank in the US, JPMorgan Chase, and the email addresses and names of Kroger, the largest grocery store chain in the country, in the hands of hackers (© Comstock / Thinkstock)

By Andrew Couts
Provided by

What's being described as a "massive" security breach at email marketing firm Epsilon has compromised the customer names and emails of some of the largest companies in the US, including seven of Fortune's top 10 institutions, reports SecurityWeek.

Epsilon reportedly sends out 40 billion emails each year for more than 2,500 clients. SecurityWeek reports that clients of Epsilon affected by the infiltration include: TiVo, US Bank, JPMorgan Chase, Verizon, Capital One, Marriott Rewards, Ritz-Carlton Rewards, Citi, Brookstone, McKinsey & Co., New York & Co, Kroger and Walgreens.

Epsilon has refused to confirm the full list of companies hit by the breach. But the company tells Reuters that it is "cooperating with a number of authorities now, so I don't know how long it (the investigation) will take."

According to SecurityWeek, the data breach has put some customer email addresses of the second largest bank in the US, JPMorgan Chase, and the email addresses and names of Kroger, the largest grocery store chain in the country, in the hands of hackers.

"On March 30th, an incident was detected where a subset of Epsilon clients' customer data were exposed by an unauthorized entry into Epsilon's email system," Epsilon said in a statement on Friday. "The information that was obtained was limited to email addresses and/or customer names only."

Kroger sent out an email to customers letting them know that names and email addresses had been stolen, and to warn them that they may receive "phishing" emails as due to the Epsilon breach.

"As a result, it is possible you may receive some spam email messages," Kroger said in the email. "We apologize for any inconvenience. Kroger wants to remind you not to open emails from senders you do not know. Also, Kroger would never ask you to email personal information such as credit card numbers or social security numbers. If you receive such a request, it did not come from Kroger and should be deleted"

SecurityWeek extends the possibility of phishing attacks to any company affected by the database break-in.

The situation for Chase and Citibank could potentially be more problematic. Epsilon manages the loyalty programs from Chase and Citi credit card customers. According to Computerworld, this includes information that may "be extremely valuable to criminals looking to steal banking information in phishing attacks."

Chase said in a statement that it is "actively investigating to confirm" that, aside from email addresses, no other personal information was acquired by the hackers. The bank also tells Reuters that a "full investigation" is underway.

Citi released a statement via Twitter. The tweet read: "Please be careful of phishing scams via email. Statement from Citi for our valued Customers regarding Epsilon & email." A link to a full statement was provided, which also warned customers of phishing attacks.

  • More Top Headlines

  • Monday, May 21 2012 12:17 PM EDT2012-05-21 16:17:25 GMT
    Streetcar construction may slow down motorists heading downtown even more over the next two days. Workers are starting to transport large segments of rail today at 5:00 a.m. The rail work will take
    The rail work will take place today and tomorrow from 5:00 a.m. to 7:00 p.m. both days.

  • Monday, May 21 2012 12:10 PM EDT2012-05-21 16:10:33 GMT
    A woman hiking on a trail near the Ritz Carlton Hotel in Dove Mountain died Saturday afternoon of apparent cardiac arrest, Northwest Fire Capt. Adam Goldberg said. The woman was hiking with a group on
    The woman was hiking with a group on the Wild Burro Trail in the Tortolita Mountains when she suffered a heart attack.

  • Monday, May 21 2012 12:09 PM EDT2012-05-21 16:09:35 GMT
    With the Hobby Lobby and other retailers moving into the old Mervyn's in east Tucson later this year, some real estate experts say they're seeing more businesses take up commercial leases. However more
    With the Hobby Lobby and other retailers moving into the Tucson area later this year, some real estate experts say they're seeing more businesses take up commercial leases.  However more tenants doesn't necessarily mean the local economy is actually improving.

  • Monday, May 21 2012 12:07 PM EDT2012-05-21 16:07:31 GMT
    A 30-year-old woman died in a rollover accident Sunday afternoon on the southwest side. Christy Anne Dalrymple was transported to a local hospital after the one-vehicle collision at West Irvington Road

    Christy Anne Dalrymple was transported to a local hospital after the one-vehicle collision at  West Irvington Road and South Westover Avenue around 12:50 p.m.

  • Monday, May 21 2012 12:05 PM EDT2012-05-21 16:05:48 GMT
    A wildfire is burning tonight in Southern Arizona near the small town of Dragoon off Interstate 10. The fire has burned near 200 acres, according to Cochise County Sheriff's spokesperson Carol Capas.
    The fire burned 85-100 acres near Dragoon, Cochise County Sheriff's spokesperson Carol Capas told Tucson News Now on Sunday.
Content provided by
INFORMATIONAL DISCLAIMER The information contained on or provided through this site is intended for general consumer understanding and education only and is not intended to be and is not a substitute for professional financial or accounting advice. Always seek the advice of your accountant or other qualified personal finance advisor for answers to any related questions you may have. Use of this site and any information contained on or provided through this site is at your own risk and any information contained on or provided through this site is provided on an "as is" basis without any representations or warranties.