April 4, 2011, 3:14 PM

E-mail attack hits online retailer clients of Epsilon

Best Buy, Walgreens and HSN have warned customers they may receive malicious e-mails.

Paul Demery

Managing Editor, B2B E-commerce

Lead Photo

Epsilon, a provider of e-mail management services to more than a dozen retailers in the Internet Retailer Top 500 Guide, as well as banks and other companies, reported Friday that it had detected a March 30 unauthorized entry into its e-mail system. Intruders were able to access the names and e-mail addresses of some of the customers of Epsilon’s clients.

Several of Epsilon’s clients, including Best Buy Co. Inc., Walgreen Co. and HSN Inc., alerted their customers through e-mail and other means that some e-mail addresses had been exposed to unauthorized users who had infiltrated Epsilon’s e-mail system. Best Buy and Walgreens said in their alerts that intruders into Epsilon’s system accessed only e-mail addresses, but HSN noted that the intruders had accessed names and e-mail addresses of some of its customers.

Each of these companies also noted that a full investigation of the matter was underway by law enforcement.

Epsilon and its clients also noted that no information beyond customer e-mail addresses and names were accessed by intruders.  “A rigorous assessment by Epsilon has determined that no other information is at risk,”  Barry Judge, executive vice president and chief marketing officer of Best Buy, says in an e-mail alert to customers.

“No financial data, or other sensitive information, was accessed,” HSN said in a statement. “The information accessed was limited to the customer's name and e-mail address.” But HSN and other retailers warned customers that, as a result of the Epsilon breach, they may receive e-mail spam that could attempt to trick them into revealing confidential information such as credit card account numbers and passwords.

“HSN would never ask you to e-mail personal information, such as credit card numbers or Social Security numbers,” the retailer says in a warning to customers. “If you receive such a request, please do not respond, click on any links, or download any attachments.”

HSN is No. 25 in the Internet Retailer Top 500 Guide; Walgreens is No. 68 and Best Buy is No. 10.

Sona Chawla, president, e-commerce at Walgreen Co., will speak at the at the Internet Retailer Conference & Exhibition 2011 in a session entitled “Mobile, web, stores: Coordinating all channels to capture today's always-on consumer."

Comments | 1 Response

  • This serves as a reminder that no one is safe online and it is more important than ever for businesses to make sure they remain at the top of their game when it comes to protecting customer privacy. Not even major retailers are perfect and anyone can fall victim to a security breach. Molly Griffin Dydacomp

Sign In to Make a Comment

Comments are moderated by Internet Retailer and can be removed.

Not a member? Signup for free today!




Relevant Commentary


Sergio Pereira / B2B E-Commerce

Quill turns to its B2B customers for new ideas

Coming in April is a new section of Quill.com that will let customers and Quill ...


Charles Nicholls / E-Commerce

E-mail remarketing: three best practices to maximize revenue

Consumers who make it to the shopping cart are interested in buying. The chief strategy ...