It is never a surprise to read of a large corporation having their cache of data of private customer details being compromised. Credit card companies have had customer names and card #s stolen by savvy online thieves. Retailers have had their databases cracked with large numbers of client names, account #s, billing information and sales history taken. No company is safe from those desiring to do onerous deeds through the internet. Multi billion dollar corporations that promise you that your information is safe and invest millions in security are still having their safes cracked. We live in a time where identity theft and fraud are an ever burgeoning part of crime. And while we become ever more reliant on technology we have yet to step up how to protect the public from internet crime. We keep putting more cops on the streets while crime rates continue to go down yet government seemingly ignores this growing problem. The government of Canada's own computer databases were successfully hacked last year in a number of instances.
So think twice before giving anyone your personal data. Companies don't need any more information than that which is absolutely necessary. Why am I writing about this? Well, because I received the following note from the Best Buy Reward Zone :
Dear Marcus Bassett,
We have been informed by our email service provider, Epsilon, that your name and email address have been exposed by unauthorized entry into their system. Epsilon deploys emails on our behalf to our Reward Zone members. Click here to read Epsilon's statement.
We have been assured by Epsilon that the only information that has been exposed was your name and email address. A rigorous assessment by Epsilon has determined that account details, passwords or any other personal information were not at risk.
It is possible that you may receive spam email messages as a result and we would advise you to be very cautious when opening links or attachments from unknown senders. More information on spam and protecting yourself from email fraud can be found here.
In keeping with security industry best practices, Best Buy will never ask you to provide or confirm any information, including credit card numbers, unless you are on our secure e-commerce site, www.bestbuy.ca. If you receive an email asking for personal information, delete it. It did not come from Best Buy. The next scheduled email from Reward Zone about our Trade In Event will arrive to your inbox on April 15, 2011.
Our service provider has reported this incident to the appropriate authorities.
We regret this has taken place and any inconvenience this may have caused you. We take your privacy very seriously, and we are working diligently to fully investigate this situation and continue to protect your personal information. If you have further concerns or questions please contact us: 1-866-BEST-BUY (238-7289) or customercare@bestbuycanada.ca.
Sincerely,
Angela Scardillo
Vice President of Marketing
Best Buy Canada
Sure, it was just my name and email address which were compromised but smart data thieves will use a Best Buy seeming email/logo/request to misdirect people on these lists to further divulge data to them in order to use those details. Unfortunately, this is a very lucrative practice for these thieves...otherwise they wouldn't bother doing it.
Here was my response :
Dear Best Buy,
Thank you for warning me that you and the company you are in cahoots with have compromised my email address. I appreciate the warning.
That I will likely receive an even greater # of spam emails (not including the ones you already send me on a regular basis) has caused me to review my policies in reference to trusting big corporations with my private contact details. As such, kindly remove my email address and name from your databases and that of Epsilon as well. I do not wish to receive further emails from you in any ongoing manner (save to confirm the following actions). I also desire that my email address no longer reside in ANY of your computers/databases. Please do confirm to me that you have deleted my information so that I can sleep slightly better at night.
Yours actually (and not just some computer program auto dialer),
Marcus Bassett
Addendum
I received an email from Airmiles this evening. Guess what it said? Yep, their email service provider "had an unauthorized entry into their email platform." Again, my first name, last name, and email address may have been compromised.
Great! Airmiles doesn't say who their email service provider is but i wouldn't be too surprised to hear that it is Epsilon. Makes me wonder just how secure a system Epsilon is using. I will soon be sending a similar email to Airmiles as I did Best Buy. Still haven't received a response from Best Buy.
2nd Addendum
turns out the 2 companies do use the same web marketer. The following article appears in the Globe and Mail and advises that MILLIONS of individuals email addresses and names were taken. wow.
http://www.theglobeandmail.com/news/technology/tech-news/canadians-among-millions-at-risk-following-us-security-breach/article1971001/
Further Hacker Damage
http://www.huffingtonpost.com/2011/04/26/playstation-network-hacker-stole-user-data_n_854106.html
Playstation's network was hacked and they have, really, no idea how much information was compromised. Surely names, addresses, and passwords were stolen. And quite possibly credit card info and purchase history.
No comments:
Post a Comment