Hackers behind what computer security experts believe could be the biggest data theft in US history may be planning to sell the information to cybercriminals for targeted scams.
Although the tens of millions of names and e-mail addresses swiped from online marketing firm Epsilon do not appear to have been used yet for cybercrime, experts said it may just be a matter of time.
Major US banks, hotels, retail outlets and other companies have been warning customers to be wary of fraudulent e-mails after Epsilon acknowledged last week that hackers had gained access to the Texas-based company’s e-mail system.
Epsilon, which provides e-mail services for some 2,500 companies around the world, has said that customer data for about 2 percent of its total clients was exposed in what it called an “unauthorized entry.”
Ed Heffernan, chief executive of Alliance Data Systems Corp, Epsilon’s parent company, apologized for the breach on Wednesday and said it was being investigated by federal authorities and outside computer forensics experts.
“We will leave no stone unturned and are dealing with this malicious act by highly sophisticated cyberthieves with the greatest sense of urgency,” Heffernan said.
Epsilon, which sends out over 40 billion e-mails a year, did not identify the firms whose customers’ names and e-mail addresses were taken, but dozens of US companies have come forward over the past few days.
“It’s basically a who’s who from the retail and banking space,” said Nicholas Percoco, head of Trustwave’s SpiderLabs. “Some of the top brands in the world.”
They include Hilton and Marriott hotels, telecom giant Verizon, drugstore chain Walgreens, the Home Shopping Network and retailers Best Buy, Kroger, New York & Co. and Target.
Banking and financial firms include Citigroup, JPMorgan Chase, Capital One, US Bank, Barclays Bank of Delaware and Ameriprise Financial.
Experts said the data theft at Epsilon could be the largest ever in terms of volume, comparable to the exploits of Albert -Gonzalez, a hacker serving 20 years in prison for stealing tens of millions of debit and credit card numbers.
Percoco said the Epsilon data theft may involve as many as 100 million e-mail addresses and “could end up being the largest breach ever of raw personal data, consumer data.”
“All indications are this could be the biggest one in history,” agreed Marian Merritt, Internet Safety Advocate at Symantec, the maker of Norton anti-virus software.
It is unlikely, however, to prove as damaging as the Gonzalez scams.
“The good news is it’s just the names and the e-mail addresses and the affiliation of the company that you did business with,” said Joris Evers, a security expert at McAfee.
“It’s not your credit card number or your social security card number or your home address ... information that could be more personal and used in more nefarious ways immediately,” Evers said. “There’s a lot of work to do before you can convert this into cash.”
The Epsilon data does not appear to have been used yet for any cybercrime.
“We have been looking around since this news broke for spam and scams and scammy Web sites that potentially take advantage of this breach and we haven’t seen anything just yet,” Evers said.
That may be because the hackers who carried out the Epsilon attack intend to sell the information to other cybercriminals.
“There are marketplaces on the Internet, underground markets, where people sell bulk bunches of e-mail addresses and names,” Evers said. “You can buy a million e-mail addresses for US$20 or something like that.
“But that’s just e-mail addresses, mailing lists that you can then start spamming.”
The information stolen from Epsilon is potentially much more valuable because it links names and e-mail addresses with particular companies that already have a trusted relationship with an individual.
“You’ve already identified yourself as willing to receive communications from those brands,” Merritt said. “So the cybercriminals have pretty good information to use against you.”
Taiwan Transport and Storage Corp (TTS, 台灣通運倉儲) yesterday unveiled its first electric tractor unit — manufactured by Volvo Trucks — in a ceremony in Taipei, and said the unit would soon be used to transport cement produced by Taiwan Cement Corp (TCC, 台灣水泥). Both TTS and TCC belong to TCC International Holdings Ltd (台泥國際集團). With the electric tractor unit, the Taipei-based cement firm would become the first in Taiwan to use electric vehicles to transport construction materials. TTS chairman Koo Kung-yi (辜公怡), Volvo Trucks vice president of sales and marketing Johan Selven, TCC president Roman Cheng (程耀輝) and Taikoo Motors Group
Among the rows of vibrators, rubber torsos and leather harnesses at a Chinese sex toys exhibition in Shanghai this weekend, the beginnings of an artificial intelligence (AI)-driven shift in the industry quietly pulsed. China manufactures about 70 percent of the world’s sex toys, most of it the “hardware” on display at the fair — whether that be technicolor tentacled dildos or hyper-realistic personalized silicone dolls. Yet smart toys have been rising in popularity for some time. Many major European and US brands already offer tech-enhanced products that can enable long-distance love, monitor well-being and even bring people one step closer to
RECORD-BREAKING: TSMC’s net profit last quarter beat market expectations by expanding 8.9% and it was the best first-quarter profit in the chipmaker’s history Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), which counts Nvidia Corp as a key customer, yesterday said that artificial intelligence (AI) server chip revenue is set to more than double this year from last year amid rising demand. The chipmaker expects the growth momentum to continue in the next five years with an annual compound growth rate of 50 percent, TSMC chief executive officer C.C. Wei (魏哲家) told investors yesterday. By 2028, AI chips’ contribution to revenue would climb to about 20 percent from a percentage in the low teens, Wei said. “Almost all the AI innovators are working with TSMC to address the
Malaysia’s leader yesterday announced plans to build a massive semiconductor design park, aiming to boost the Southeast Asian nation’s role in the global chip industry. A prominent player in the semiconductor industry for decades, Malaysia accounts for an estimated 13 percent of global back-end manufacturing, according to German tech giant Bosch. Now it wants to go beyond production and emerge as a chip design powerhouse too, Malaysian Prime Minister Anwar Ibrahim said. “I am pleased to announce the largest IC (integrated circuit) Design Park in Southeast Asia, that will house world-class anchor tenants and collaborate with global companies such as Arm [Holdings PLC],”