Disney Destinations E-mail server hacked?

[k5jm]

At least Chase sent a little more information than the rest of the "cut and paste" emails that were sent out.

Chase is letting our customers know that we have been informed by Epsilon, a vendor we use to send e-mails, that an unauthorized person outside Epsilon accessed files that included e-mail addresses of some Chase customers. We have a team at Epsilon investigating and we are confident that the information that was retrieved included some Chase customer e-mail addresses, but did not include any customer account or financial information. Based on everything we know, your accounts and confidential information remain secure. As always, we are advising our customers of everything we know as we know it, and will keep you informed on what impact, if any, this will have on you.

We apologize if this causes you any inconvenience. We want to remind you that Chase will never ask for your personal information or login credentials in an e-mail. As always, be cautious if you receive e-mails asking for your personal information and be on the lookout for unwanted spam. It is not Chase's practice to request personal information by e-mail.

As a reminder, we recommend that you:

Don't give your Chase OnlineSM User ID or password in e-mail.
Don't respond to e-mails that require you to enter personal information directly into the e-mail.
Don't respond to e-mails threatening to close your account if you do not take the immediate action of providing personal information.
Don't reply to e-mails asking you to send personal information.
Don't use your e-mail address as a login ID or password.
The security of your information is a critical priority to us and we strive to handle it carefully at all times. Please visit our Security Center at chase.com and click on "Fraud Information" under the "How to Report Fraud." It provides additional information on exercising caution when reading e-mails that appear to be sent by us.

Sincerely,

Patricia O. Baker

Senior Vice President

Chase Executive Office

Chase realizes that there is potential for a phishing scam.

 

[WebmasterAlex]

It is absolutely ridiculous that all of this data was in a single database. At some point somebody should have realized the exposure and divided it up.
OH wait that would have cost money.

 

[rhyeck]

Started getting spam e-mails already...

 

[pxlbarrel]

Well, in addition to Disney Destinations, I've gotten emails from Hilton Honors and Best Buy. And I just saw this reported on the local news.

 

[princessbride6205]

Just got the e-mail from Target as well.
I agree that this seems strange that it would have comprised every single one of Epsilon's client lists.

 

[WaltD4Me]

I've now gotten the email from Disney, Target, Walgreens, 1800Flowers and HSN. I rarely click on anything in an email even before this. I have told my family and friends the best thing they can do if they get an email from these companies with special offers or requests for information, ect...is to not click on any email links. Instead go to the company website, as in, type their web address in your toolbar and bring up the site, anything sent in a legitimate email should also be accessible to you on their website.

 

[book_junkie]

What's really strange is that we're only getting messages on SOME accounts... My husband, who ONLY used his online email (one used for rewards, etc.) to Disney for email confirmations of our reservation, got the warning email, as well as from Best Buy and Hilton. Only ONE of my emails that have been used for Disney (which was used for other things by other companies that used the third party company) got the warning email. Other emails that I know I've used for Disney in desperate attempts to get PINs didn't get the warning email yet.

 

[Joshua_me]

I have told my family and friends the best thing they can do if they get an email from these companies with special offers or requests for information, ect...is to not click on any email links. Instead go to the company website, as in, type their web address in your toolbar and bring up the site, anything sent in a legitimate email should also be accessible to you on their website.

^ Excellent advise !

 

[*NikkiBell*]

Just got a notice from Target and Red Roof Inn.

 

[MMouse1928]

I received this e-mail from my Collegeboard account late Saturday night around 11:00PM and today at 7:28PM, my e-mail address sent out an e-mail to all of my contacts (only 6 thank goodness) containing a virus. I successfully changed my password and I am trying to cancel my account with Collegeboard, but turns out I have to call them.

 

[WebmasterAlex]

Here's the latest list according to Security Week

Kroger

• TiVo

• US Bank

• JPMorgan Chase

• Capital One

• Citi

• Home Shopping Network (HSN) (added 4/3 @10:22am)

• Ameriprise Financial

• LL Bean Visa Card

• Lacoste

• AbeBooks

• Hilton Honors Program

• Dillons

• Fred Meyer

• Beachbody (Makers of TRX)

• TD Ameritrade

• Ethan Allen

• Eileen Fisher

• MoneyGram

• TIAA-CREF

• McKinsey & Company

• Ritz-Carlton Rewards

• Marriott Rewards

• New York & Company

• Brookstone

• Walgreens (Again!)

• The College Board (added 4/3 @8:20am)

• Disney Destinations

• Best Buy

• Robert Half


• Target

• QFC

• bebe Stores


• Ralphs

• Fry's

• 1-800-Flowers

• Red Roof Inn

• King Soopers

• Air Miles

• Eddie Bauer

 

[pal-mickey]

I have the same thing as a pp. I received an email from best buy and college boards, but not from Disney. I'm also confused as to what I should do next. Should I close the email acct or just change my password?

 

[WebmasterAlex]

I have the same thing as a pp. I received an email from best buy and college boards, but not from Disney. I'm also confused as to what I should do next. Should I close the email acct or just change my password?

Your email account was not hacked, there's no need to change the password (although it's always a good idea!). What you need to be concerned about is an increase in spam, particularly phishing emails. As one example you may get an email from Best Buy, it will look very official and will try to trick you into doing something, clicking on a link, calling a phone number etc. They will then try to get you to reveal some personal information.

 

[sayhello]

Good Grief! That's a mighty big list!

Has anyone heard what the nature of the breach was? Hacking? Misplaced backup tape? Lost laptop?

I can't imagine this is doing much for Epsilon's reputation!

Sayhello

 

[pal-mickey]

Your email account was not hacked, there's no need to change the password (although it's always a good idea!). What you need to be concerned about is an increase in spam, particularly phishing emails. As one example you may get an email from Best Buy, it will look very official and will try to trick you into doing something, clicking on a link, calling a phone number etc. They will then try to get you to reveal some personal information.

Thanks for the info. My dh informed me that Verizon has had some kind of breech also.

 

[WebmasterAlex]

More companies added:
• Kroger

• TiVo

• US Bank

• JPMorgan Chase

• Capital One

• Citi

• Home Shopping Network (HSN) (added 4/3 @10:22am)

• Ameriprise Financial

• LL Bean Visa Card

• Lacoste

• AbeBooks

• Hilton Honors Program

• Dillons

• Fred Meyer

• Beachbody (Makers of TRX)

• TD Ameritrade

• Ethan Allen

• Eileen Fisher

• MoneyGram

• TIAA-CREF

• Verizon

• Marks & Spencer (UK)

• City Market

• Smith Brands

• McKinsey & Company

• Ritz-Carlton Rewards

• Marriott Rewards

• New York & Company

• Brookstone

• Walgreens (Again!)

• The College Board (added 4/3 @8:20am)

• Disney Destinations

• Best Buy

• Robert Half

• Target

• QFC

• bebe Stores

• Ralphs

• Fry's

• 1-800-Flowers

• Red Roof Inn

• King Soopers

• Air Miles

• Eddie Bauer

• Scottrade

• Dell Australia

• Jay C

 

[crazy4stitch]

Yep, got one from Disney and a couple of days later I got one from a couple of other companies.. And yes I think my spam has increased. Anyone need a forklift? I can forward an email for you!