We've received four notices so far this week about Epsilon's e-mail security breakdown -- everyone from Abe Books to Best Buy has been saying sorry. The notices are a good idea, and probably necessary for them to limit / mitigate liability (in certain litigious market areas).
But I found these e-mails fairly alarming, especially when they kept coming.
But wait... there's more
Turns out that only 2% of total clients were compromised, and it was just e-mail addresses, according to Epsilon's press release. Initially, this felt reassuring, but then I started wondering... what does 2% really mean, when you are operating on this scale?
Elsewhere in the Epsilon website, I learned that they can send "15 million dynamic messages in one hour, or more than 40 billion emails a year."
Turns out that 2% of their clients amounts to about 50 companies, many of them of significant size -- according to this list. (I guess they used the 2% of clients number because the e-mails number was just too big and scary?)
So, finally I know why I am getting so many heartfelt notes from celebrities offering to help me improve my body parts, and have better date nights.
PC magazine posts more information here about the topic, and offers the suggestion of using a specific e-mail address for online shopping purposes.
But this solution means... if i actually want value-added e-mails and offers from a trusted business I deal with (e.g. Best Buy, for example, or perhaps a hotel or airline), I then have to wade through a ton of spam to get it.