Email Warning from Disney Destinations

Very poor security by that company.

Until we know more about the attack and how it happened, we can't determine that.

It is unreasonable to expect perfection.

Yes, agreed! Even the best can be compromised.

Even RSA, perhaps one of the top IT security companies in the world

OK, I have to disagree with you here. RSA is not the company they once were. They still have my address wrong in their system and they just insist it's too difficult to get it fixed right. A sad state of affairs as a result of too many layers in their company.

Kudos to Disney for letting their customers know

This was likely the result of mandatory disclosure laws.

As an aside, there was also a recent (completely unrelated) attack on a Certificate Authority, which compromised that CA's private key.

Comodo's private key was not compromised. One of their affiliates was tricked into issuing certs for domains that did not belong to them. The certs were identified quickly and revoked. Do not expect to see Comodo removed from the trusted CA list.

Comodo Blog Post About the Recent RA Compromise...


Ticks me off that my 17 year old might be a victim of identity theft because she took a required test to apply for college!

Yes, this is the problem. Even as an information security practitioner, there are times I have to do things against my better judgement if I want to do business with someone.

I was in an OfficeMax a couple weeks ago. After having to swipe my credit card myself on the little pad, I was then told that I had to give my card to the clerk, who then lowered the card out of my sight. I pointed out to him the silliness of making me scan my own card, in an attempt to ensure security is raised by not having the card leave my possession, and then making me hand the card over anyway. As expected, the clerk looked at me with a dumb look. This is a problem almost everywhere now.
 
It is not fun and no one wants to be hacked, but basically today it is the nature of the beast.

Even government security sites get hacked.

No warning emails for me.
 

Sad, but true. :(

Yep, had all my info stolen before from a site I shop on. Credit card, name, address, email, phone number.

Then the info was posted on a website for hackers. Yes they do exist. Luckily a good Samaritan saw it and contacted some of us by email. The hackers then used my info to open a PayPal account, PayPal was useless in trying to help. :headache:
Opened an eBay account, too. I started getting phone calls wanting info about the computers and cameras I was selling. :scared1:

After a very lengthy investigation by the federal officials it was found out they were in some third world country and using the money for terrorist activity.

It was not pleasant but I survived and learned a lot from the investigation.
 
If it is true that the only information compromised were email address, no biggie. I would hope we all have adequate anti-virus software, and we don't open emails from unfamiliar senders.

I certainly believe that our email addresses are available to almost anyone diligent enough to do a search for such info. Many addresses can simply be "guessed" by using a first initial and last name @ any common internet provider.
 
I received Disney's today and one from another company two days ago. Looks like those hackers were very busy.
 
If it is true that the only information compromised were email address, no biggie. I would hope we all have adequate anti-virus software, and we don't open emails from unfamiliar senders.

The significance here is simply that, knowing that a user has a credit card account with US Bank, for example, and knowing which email address that user has on file with that credit card account, a phishing attack can be fashioned using that account, appearing to be from US Bank. And knowing that email is generally received from US Bank on that account, an unsuspecting user could be fooled.

Essentially, as you state above, a user should *always* be suspicious of *all* email, even if it's from someone they know and trust. If an email doesn't sound correct, or appears suspicious, it should always be verified, and never click on a link in a suspicious email.

I certainly believe that our email addresses are available to almost anyone diligent enough to do a search for such info. Many addresses can simply be "guessed" by using a first initial and last name @ any common internet provider.

Yes, most people willingly give out their full names and emails on a regular basis. Many people here on the DIS have their emails in their signature lines.
 
I got Disney, College Board and Kroger messages.
 
Just posted on Yahoo

NEW YORK (Reuters) – The e-mails and names of customers of Citigroup Inc, Walgreens and other large U.S. companies were exposed in a massive and growing data breach, after a computer hacker penetrated online marketer Epsilon.

In what could be one of the biggest such breaches in U.S. history, a diverse swath of companies that did business with Epsilon stepped forward over the weekend to warn customers some of their electronic information could have been exposed.

Video recorder TiVo Inc, credit card lender Capital One Financial Corp and teleshopping company HSN Inc added their names to a list of targets that also includes some of the nation's largest banks.

Epsilon, an online marketing unit of Alliance Data Systems Corp, said on Friday that a person outside the company hacked into some of its clients' customer files. The vendor sends more than 40 billion e-mail ads and offers annually, usually to people who register for a company's website or who give their e-mail addresses while shopping.

"We learned from our e-mail provider, Epsilon, that limited information about you was accessed by an unauthorized individual or individuals," HSN, also an e-commerce operator, said in an e-mail to customers on Sunday.

"This information included your name and e-mail address and did not include any financial or other sensitive information. We felt it was important to notify you of this incident as soon as possible."

Citigroup customer names and some credit card customers' e-mail addresses -- but no account information -- were part of the data breach, the third-largest U.S. bank said on Saturday.

Capital One, which also runs a bank, and Walgreens, the largest U.S. drugstore, said the Epsilon hacker accessed its customer e-mail addresses, but no personally identifiable information.

TiVo, a maker of digital video recorders, said the information that was obtained was limited to e-mail addresses and clients' first names.

Law enforcement authorities are investigating the breach, though it was unclear on Sunday how many customers had been exposed. Epsilon is also investigating what went wrong.

"While we are cooperating with authorities and doing a thorough investigation, we cannot say anything else," said Epsilon spokeswoman Jessica Simon. "We can't confirm any impacted or non-impacted clients, or provide a list (of companies) at this point in time."

The incident comes three years after hackers penetrated Heartland Payment Systems, a credit and debit card processor, in one of the biggest identity-theft cases in U.S. history.

In that case, notorious hacker Albert Gonzalez led a ring that stole more than 40 million payment card numbers, and was later sentenced to 20 years in prison.

On Friday, JPMorgan Chase & Co, the second-largest U.S. bank, and Kroger Co, the biggest U.S. supermarket operator, said that some customers had their names and e-mail addresses exposed as part of the Epsilon data breach.

Citigroup announced that it had been affected on Saturday evening. Spokesman Sean Kevelighan said the bank started informing its customers of the breach on Friday through a link on its website.

Some of Epsilon's other clients include Verizon Communications Inc, Blackstone Group LP's Hilton Hotels, Kraft Foods Inc, and AstraZeneca.
 
I am on email lists for almost every company listed and so far no messages.

Can't believe I squeaked by this one. :thumbsup2
 
Anyone else get this from Disney Destinations?? I also got the same message from the College Board last night

Dear Guest:

We have been informed by one of our email service providers, Epsilon,
that your email address was exposed by an unauthorized entry into that
provider's computer system. We use our email service providers to
help us manage the large number of email communications with our
guests. Our email service providers send emails on our behalf to
guests who have chosen to receive email communications from us.

We regret that this incident has occurred and any inconvenience this
incident may cause you. We take your privacy very seriously, and we
will continue to work diligently to protect your personal information.

We want to assure you that your email address was the only personal
information we have regarding you that was compromised in this
incident.

As a result of this incident, it is possible that you may receive spam
email messages, emails that contain links containing computer viruses
or other types of computer malware, or emails that seek to deceive you
into providing personal or credit card information. As a result, you
should be extremely cautious before opening links or attachments from
unknown third parties or providing a credit card number or other
sensitive information in response to any email.

If you have any questions regarding this incident, please contact us
at (407) 560-2547 during the hours of 9:00 am to 7:00 pm (Eastern Time)
Monday through Friday, and 9:00 am through 5:00 pm (Eastern Time)
Saturday and Sunday.

Sincerely,

Disney Destinations

Thanks for posting this. My email never loaded from Disney Destinations and I was wondering what was going on.
 
No wonder my email box this w/e seemed to have more junk than usual...
 
I am on email lists for almost every company listed and so far no messages.

You should probably check your spam and/or junk folders to be sure.
 
Yup, me too, I have received three of these emails so far: Disney Destinations, HSN, New York and Company.
 
Yes, I got the email. My question is, can we do anything to protect ourselves? Should we be worried?

I'm pushing 50 and not very tech savvy. Any advice would be appreciated.
 
Yes, I got the email. My question is, can we do anything to protect ourselves? Should we be worried?

I'm pushing 50 and not very tech savvy. Any advice would be appreciated.

Any emails you are not sure of, do not open any attachments or download anything and never ever give any personal info to someone that has emailed you.
 














