"Today we were informed by Epsilon Interactive, our national email service provider, that your email address was exposed due to unauthorized access of their system. We have been advised that the only information that was obtained is your name and email address."
That's nice.
I've received four such emails, including two from Ralphs Supermarket (interestingly, the first one says "Dear Christian Boyce" while the second one says "Dear Valued Customer"), one from Best Buy, and one from Robert Half International. Citibank, Walgreen's, and the Home Shopping Network are other companies who use Epsilon for their email marketing, along with many, MANY others. Several of these companies have sent out breezy little emails to their customers saying "Sorry about that, and watch out for viruses in emails from people you don't know. It is possible that you may receive some spam email messages. We apologize for any inconvenience." I would call this more than "inconvenient" but that's just me.
Besides making a note to stay away from Epsilon (but good luck with that-- they are the world's largest email marketing service, sending out more than FORTY BILLION EMAILS PER YEAR, for over 2500 companies), there's not much you can do, especially considering we don't know what happened. Epsilon put out a one-paragraph press release on April 1st, 2011 (no fooling) that's a little on the vague side. They don't say when the security breach happened, they don't say how many email addresses were obtained, they don't say whether it was an inside job. They DO say that apart from names and email addresses "no other personal identifiable information associated with those names was at risk."Somehow I don't find this very reassuring. If we had asked them last Thursday they would have said that NONE of the information they store was at risk at all. And they would have been wrong about that. So maybe they're wrong this time too.
It would be a good idea to be extra suspicious of emails that appear to come from a bank or a retailer asking you to "verify your information by replying to this email with name, address, social security number, and PIN." Such emails are phony and you shouldn't reply at all. If you get an email asking for that kind of information just throw it away. You should have been doing that all along but if you haven't been, start now.
