1
Epsilon breach keeps growing
Yesterday, we (and lots of news sources) talked about the massive hack that took place at Epsilon. It's a company that handles email communications for lots of big companies like Target, LL Bean, Kroger, Best Buy, Hilton, and loads more. As more customers of Epsilon are revealed, the list of companies affected and the list of people affected will keep growing. The good news: it appears to be isolated to names and emails, Epsilon says no financial data was involved.
The bad news, and this is the question that's really been bugging me lately, are we losing the security war? Every day it seems brings news of something like this and the stakes keep getting higher. In Epsilon's case, if you've ever given your email address to any of these customers, you have to assume your privacy is compromised. Is it just a case of more of these hacks being known or is security evolving at a slower pace than hacking is?
Thanks for your post, and for helping to keep your readers informed about this breach. In order to defend against this type of attack, businesses can no longer rely on point solutions such as firewalls, IDS/IPS devices, or simple IP reputations. Solutions that can provide deep content inspection to detect embedded attacks across email and Web sessions should also be implemented. This breach also illustrates the importance of ensuring network layer Data Leakage Prevention (DLP) for service providers, in order to prevent the outflow of email addresses. Our company, Wedge Networks has focused on building such solutions for years, and is leading efforts to prevent the good things from flowing out, and bad things from flowing in.
