(CNN) - the largest in the world, "permission based" marketing company e-mail, Epsilon, said last week that someone hacked into its computer system and stole an undetermined number of e-mail names.
The extent of this breach are potentially important and has continued to grow over the weekend, with companies like TiVo, JPMorgan Chase and Capital One come forward to say their clients were affected. Epsilon reports send 40 billion emails per year on behalf of its 2,500 customers. Reuters calls it potentially "one of the biggest failures of its kind in U.S. history."
All this is quite frightening. But the worst thing that can come of it is a more insidious and sinister spam, security experts.
As the hacker under the Epsilon, just raise the e-mail addresses and names, there is little fear that the identities can be stolen and bank accounts dried up due to huge loss of information.
What security experts do not care, but it is a bad form of spam known as "phishing" targeted "or" spear phishing. "These terms apply to false e-mail trying to look real because the scammer knows something about you.
Say who had signed up to receive e-mails with Kroger, a large U.S. chain stores. If your e-mail address and name have been stolen as part of a security breach in recent years, a criminal, knowing that sometimes receive emails from Kroger and probably would not be suspicious of them, could design a fake email that looks like it came from Kroger. This email may request confidential information such as Social Security number or bank account number.
If you disclose personal data could become a victim of identity theft.
"Put your thinking cap before giving any sensitive information like a password or Social Security number online," writes the blog TechCrunch.
Safety Week, which has a current list of companies it has certified are part of this flight e-mail, saying it is still cause for alarm.
"Some may consider the type of data collected as a lesser threat, but with access to customer lists opens the possibility of phishing attacks targeting customers who expect brand communications.
"Being able to send a message to a phishing target customer of the bank and personally by name will certainly lead to a" success rate far greater than the typical spam campaign "blind" would. So having access to this information will help phishing only achieve a higher rate of success. "
Blogger is Sophos, a security company, says it is "reasonably comforting" that those who have violated the system of Epsilon was only the name and e-mail.
"Losing your e-mail spammers and scammers is likely to lead to an increase in spam, accounting for" Paul Ducklin write a corporate blog.
He added: "As noted above, the recklessness with e-mail is not a sin in the world of data leakage - both TripAdvisor and Play.com has owned until recently similar indiscretions, without significant loss of self esteem. "
So what should you do? First, take a look at the full list of companies that are supposed to have had their data compromised (some of them have emailed you directly during the weekend). If you have registered to receive e-mails from these companies - or if you gave them your e-mail on all official forms - so that your name and address may be part of the leak.
Be skeptical of e-mail coming from these companies, technology and relationship bloggers, does not provide sensitive personal information, unless you are absolutely sure that you are dealing directly with the company nor the presence of them.
"Now I am on the list of email addresses, spammers and other malefactors are more successful than targeting the victims," the technology blog Mashable.
The extent of this breach are potentially important and has continued to grow over the weekend, with companies like TiVo, JPMorgan Chase and Capital One come forward to say their clients were affected. Epsilon reports send 40 billion emails per year on behalf of its 2,500 customers. Reuters calls it potentially "one of the biggest failures of its kind in U.S. history."
All this is quite frightening. But the worst thing that can come of it is a more insidious and sinister spam, security experts.
As the hacker under the Epsilon, just raise the e-mail addresses and names, there is little fear that the identities can be stolen and bank accounts dried up due to huge loss of information.
What security experts do not care, but it is a bad form of spam known as "phishing" targeted "or" spear phishing. "These terms apply to false e-mail trying to look real because the scammer knows something about you.
Say who had signed up to receive e-mails with Kroger, a large U.S. chain stores. If your e-mail address and name have been stolen as part of a security breach in recent years, a criminal, knowing that sometimes receive emails from Kroger and probably would not be suspicious of them, could design a fake email that looks like it came from Kroger. This email may request confidential information such as Social Security number or bank account number.
If you disclose personal data could become a victim of identity theft.
"Put your thinking cap before giving any sensitive information like a password or Social Security number online," writes the blog TechCrunch.
Safety Week, which has a current list of companies it has certified are part of this flight e-mail, saying it is still cause for alarm.
"Some may consider the type of data collected as a lesser threat, but with access to customer lists opens the possibility of phishing attacks targeting customers who expect brand communications.
"Being able to send a message to a phishing target customer of the bank and personally by name will certainly lead to a" success rate far greater than the typical spam campaign "blind" would. So having access to this information will help phishing only achieve a higher rate of success. "
Blogger is Sophos, a security company, says it is "reasonably comforting" that those who have violated the system of Epsilon was only the name and e-mail.
"Losing your e-mail spammers and scammers is likely to lead to an increase in spam, accounting for" Paul Ducklin write a corporate blog.
He added: "As noted above, the recklessness with e-mail is not a sin in the world of data leakage - both TripAdvisor and Play.com has owned until recently similar indiscretions, without significant loss of self esteem. "
So what should you do? First, take a look at the full list of companies that are supposed to have had their data compromised (some of them have emailed you directly during the weekend). If you have registered to receive e-mails from these companies - or if you gave them your e-mail on all official forms - so that your name and address may be part of the leak.
Be skeptical of e-mail coming from these companies, technology and relationship bloggers, does not provide sensitive personal information, unless you are absolutely sure that you are dealing directly with the company nor the presence of them.
"Now I am on the list of email addresses, spammers and other malefactors are more successful than targeting the victims," the technology blog Mashable.