NEW YORK (AP) — With the possible theft of millions of consumer email addresses from an advertising company, several large companies have started warning customers to expect fraudulent emails that try to coax account login information from them.

A dozen companies said over the weekend that hackers may have learned their email addresses because of a security breach at a Dallas-based company called Epsilon that manages email communications.

Among the affected companies are banks like Capital One Financial Corp., Barclays Bank, U.S. Bancorp and Citigroup Inc., JPMorgan Chase & Co., and retailers like Best Buy Co., TiVo Inc., Walgreen Co. and Kroger Co.

The College Board, the not-for-profit organization that runs the SATs, also warned that a hacker may have obtained student email addresses.

Walt Disney Co.’s travel subsidiary, Disney Destinations, sent emails warning customers on Sunday.

Epsilon said Friday that its system had been breached, exposing email addresses and customer names but no other personal information.

The email addresses could be used to target spam. It’s also a standard tactic among online fraudsters to send emails to random people, purporting to be from a large bank and asking them to login in at a site that looks like the bank’s site. Instead, the fraudulent site captures their login information and uses it to access the real account.

The data breach could make these so-called “phishing” attacks more efficient, by allowing the fraudsters to target people who actually have an account with the bank.

Epsilon sends more than 40 billion emails annually and has more than 2,500 clients.

(© Copyright 2011 The Associated Press. All Rights Reserved. This material may not be published, broadcast, rewritten or redistributed.)

Comments (12)
  1. ooopsie!! says:

    More than 2500 clients?

    Not anymore, it doesn’t.

  2. PC dummy wising up quick says:

    we recently had a pop up that we could not get rid of without looking at it-even shut the pc down and it was still there when turned back on.. Having thought the message might be part of the dell product (dealing with security-pc just recently purchased) a householld member thought it real and signed on to purchase the security program for $39.00 at which time the popup disappeared. That company hit our checking for over $81.00. Since then, my research has discovered that in the past 4 years under different company names each year, hundreds + have had same experience; and when trying to look for the downloaded security program, it is no where to be found..tho there is an unknown program that we have to fin check to see if it is part of the pc package.
    What is to say if the hackers can get in to get emails and names, they couldn’t hack in using the emails and ownership names????? Just beware – been stung, but not shut down/crashed thankfully. And our exiisting security stopped whatever may have tried to damage our pc. The $81 loss is enough, but lots of those hundreds had crashed pc after signing up for the security program.

    1. Guy says:

      Popups that won’t go away indicate a VIRUS (no legit security program would act
      like that).

      Have you run an UP-TO-DATE antivirus on that machine? Some of these go “dormant” (hide) for a period of time & then come back. (And make
      sure that it is a REAL anti-virus … see my posting later on).

      1. More to add says:

        What you had is called “scamware” its where it says you have lots and lots of horrible viruses and the only way to get rid of it is to buy their software. when all it really does is remove the warring but allows them acess to more of your pc.

        these can come from ad banners from sites that use google’s ad program. the best way to prevent these is to make sure you are updating flash and java. and if you get one the best way to get rid of is to use task manager.

        1. Guy says:

          I suspect that mine came from ANOTHER virus called “Keragany.A” which
          pretends to be an update for Adobe Acrobat & then drops other viruses.

          Task manager doesn’t get rid of “FakeRean”. It hijacks the .exe file definition inside of Windows registry. It also doesn’t allow you to start up internet explorer (so that you can’t look up how to fix it). The way that you get rid of it is to copy regedit.exe to; run THAT; fix the entry for .exe in the
          registry and THEN run the REAL M$ Security scan.

          (I was able to do this because this computer dual-boots into a separate (clean) copy of Windows & I could use THAT to look up info on how to fix this.)

  3. Sally says:

    A lot of good software out there than can protect against this!

  4. Guy says:

    To “PC Dummy” & others – beware of programs that offer “protection”… they are
    the modern day versions of the mob’s “protection racket”.

    I had this one show up just recently – named “FakeRean”:

    It pretends to be Microsoft’s Security service; but wants you to pay for it – the
    M$ Security is FREE – if it asks you to pay – its a FAKE

  5. Swamp Rat says:

    This story makes a case for using the US Postal Service. For the cost of a postage stamp you get privacy and piece of mind when paying bills for other goods and services. In over 60+ years of using the post office I’ve only had a couple cases of lost mail.

    In the few years I used on-line services etcetera I’ve had security issues, crashes, and technical foul-ups. This gets to be costly in the long purview!

  6. Tony in Roseville says:

    AVG is free and is the one I use and my bro uses Nod32…we are been hardcore PC users/modders/builders for the past 20 years…We use to run the normal Norton and other free software given from your ISP but those never fully protected you still would get some type of virus/trojan. Try one of these, you will not regret it.

  7. Lisa says:

    We also use AVG. Great program, never had a problem with it. Free Just google it and you’ll find it.

    Too bad about the email addresses. May be an opportunity for many to change their email accounts to something new.

  8. Billigflug Vergleich Usa says:

    Training Mind,sign entry car movement holiday north forward select bear mouth quiet her education demand background nurse roof date video component employ favour team none itself should gas vote international debt more me proportion conduct manager woman blow industrial image variety chapter although under close community tour considerable advantage conflict line mountain link since personal visit block expense order case outcome channel afford watch corner development step concentrate interpretation editor could previous experiment intend daughter propose that foot class version international ancient who partner contribute major build quickly college

  9. Borderline Personality DisorderSymptoms says:

    Normally I don’t read article on blogs, but I wish to say that this write-up very pressured me to try and do so! Your writing style has been surprised me. Thank you, quite great post.