BBB Consumer Alert: Widespread Consumer Information Breach at Major Corporations May Spawn Increase in Targeted Phishing Attempts
Memphis, TN, April 5, 2010 – A number of financial and commercial institutions are informing customers that they have suffered a breach of customers’ privacy in what is believed to be one of the most widespread cases in history, according to Reuters News Agency.
Among those affected are clients of Citigroup and other large U.S. companies, including Walgreens, TiVo, Capital One, Hilton Hotel Group, Target, teleshopping company HSN, several of the nation's largest banks, as well as millions of college-bound students who accessed College Board, which administers SAT admissions exams.
The breach reportedly occurred when someone outside the company hacked into system files at Epsilon, which sends more than 40 billion e-mail ads and offers annually, usually to people who register for a company's website or who give their e-mail addresses while shopping. It also handles emails for financial institutions.
The good news is that no personal financial information appears to have been compromised. The bad news is that phishing emails delivered to your inbox may be on the rise. BBB employees have already received notifications from various companies, alerting them to this breach and warning of the potential increase in phishing attempts.
Sample notification from one of the affected companies
“With such a large number of consumers affected in this data breach and the fact that financial information doesn’t appear to have been exposed, a significant increase in phishing emails may be seen,” said Randy Hutchinson, BBB president. “Be extra cautious of emails you receive from any company or bank – even one you regularly do business with - that asks for information or contains links. If you’re not sure of its legitimacy, contact the company directly.”
Better Business Bureau Tips to Avoid Phishing Scams:
- Don't respond to e-mails requiring you to enter personal information in the e-mail or links.
- Don't respond to e-mails that threaten to close your account if you do not provide personal information immediately.
- Don't reply to e-mails asking you to send personal information.
- Don't use your e-mail address as a banking login ID or password. If you currently use your email address as your login ID, this would be a good time to change it to something more secure.
- Update all areas of your computer’s security. This will help prevent fraudulent emails from landing in your inbox in the first place and help prevent hackers from infiltrating your system.
- If you become a victim of a phishing scam, file a complaint with the Internet Crime Complaint Center at www.ic3.gov or 800-251-3221.
- If you receive an email informing you that your information was compromised by the breach, contact the sender for more information.
About BBB
BBB is an unbiased non-profit organization that sets and upholds high standards for fair and honest business behavior. Businesses that earn BBB accreditation contractually agree and adhere to the organization’s high standards of ethical business behavior. BBB provides objective advice, free business BBB Reliability ReportsTM and national charity BBB Wise Giving ReportsTM, and educational information on topics affecting marketplace trust. To further promote trust, BBB also offers complaint and dispute resolution support for consumers and businesses when there is difference in viewpoints. The first BBB was founded in 1912. Today, 125 BBBs serve communities across the U.S. and Canada, evaluating and monitoring more than 3 million local and national businesses and charities. Please visit www.bbb.org for more information about BBB.
BBB Contact:
Nancy Crawford
901.757.8627
901.213.7809
ncrawford@bbbmidsouth.org