And the hits just keep on coming for Epsilon

Note: CBS reports that the Secret Service is investigating the Epsilon breach. If you receive a phishing attempt that you want to report to the Secret Service, email [email protected].  You can also file a report at http://www.ic3.gov/default.aspx. I’ll add businesses to the list of affected customers as I become aware of them, so check back if you want to see what else has been reported.  See Brian Krebs’ commentary on the fears about spear phishing as a result of this breach.

  1. 1-800-FLOWERS
  2. AbeBooks
  3. Abercrombie & Fitch (WFNNB)
  4. AIR MILES Reward Program (Canada)
  5. Ameriprise
  6. Ann Taylor (WFNNB)
  7. AshleyStewart (WFNNB)
  8. Avenue (WFNNB)
  9. Barclays Bank of Delaware
  10. Beachbody
  11. Bealls (WFNNB)
  12. bebe
  13. Best Buy
  14. Best Buy Canada Reward Zone
  15. Benefit Cosmetics (see below)
  16. BJ’s Visa (Barclays Bank of Delaware)
  17. Brookstone
  18. Capital One
  19. Catherine’s (WFNNB)
  20. Chadwick’s (WFNNB)
  21. Charter Communications
  22. Chase
  23. Citigroup
  24. City Market
  25. College Board
  26. Crate & Barrel (WFNNB)
  27. Crucial
  28. David’s Bridal
  29. Dell Australia
  30. Dillons
  31. Disney Destinations (The Walt Disney Travel Company)
  32. Domestications (WFNNB)
  33. Dressbarn (WFNNB)
  34. Eddie Bauer Friends
  35. Eileen Fisher (doesn’t name Epsilon but same template letter)
  36. Ethan Allen
  37. Eurosport Soccer (Soccer.com)
  38. Express card (WFNNB)
  39. ExxonMobil Card (Citi)
  40. Fashion Bug (WFNNB)
  41. FINA (WFNNB)
  42. Food 4 Less
  43. Fred Meyer
  44. Fry’s
  45. Gander Mountain (WFNNB)
  46. Giant Eagle Fuelperks! (WFNNB)
  47. GlaxoSmithKline Consumer Healthcare (GSK)
  48. Goody’s (WFNNB)
  49. Hilton Honors
  50. Home Depot Card (Citi)
  51. Home Shopping Network (HSN)
  52. J Crew (WFNNB)
  53. J.Jill
  54. Jay C
  55. Jessica London (WFNNB)
  56. JPMorgan Chase
  57. Justice (WFNNB)
  58. KingSize Direct (WFNNB)
  59. King Soopers
  60. Kroger
  61. Lacoste
  62. Lane Bryant (WFNNB)
  63. L.L. Bean Visa (Barclay’s)
  64. M & T Bank
  65. Marriott Rewards (FAQ on site)
  66. Marks & Spencer
  67. Maurice’s (WFNNB)
  68. McKinsey Quarterly
  69. MoneyGram
  70. MyPoints Reward Visa
  71. New York & Company
  72. NTB Card (Citi)
  73. One Stop Plus (WFNNB)
  74. PacSun (Pacific Sunwear) (WFNNB)
  75. Palais Royal (WFNNB)
  76. Peebles (WFNNB)
  77. Polo Ralph Lauren
  78. PotteryBarn/PotteryBarnKids (WFNNB)
  79. Quality Food Centers (QFC)
  80. QualityHealth
  81. RadioShack (WFNNB)
  82. Ralphs
  83. Red Roof Inn
  84. Reeds Jewelers (WFNNB)
  85. Ritz-Carlton (FAQ)
  86. Robert Half International
  87. Scottrade
  88. Sears (Citi)
  89. Shell (Citi)
  90. Smile Generation Financial
  91. Smith’s Food & Drug Centers (Smith’s Brands)
  92. Sportsman’s Guide (WFNNB)
  93. Stage (WFNNB)
  94. Stonebridge Life Insurance
  95. Target
  96. Tastefully Simple
  97. TD Ameritrade
  98. The Limited (WFNNB)
  99. The Place (Citi)
  100. TIAA-CREF
  101. TiVo
  102. Trek (WFNNB)
  103. United Retail Group (WFNNB)
  104. US Bank
  105. Value City Furniture (WFNNB)
  106. Verizon
  107. Victoria’s Secret (WFNNB)
  108. Viking River Cruises
  109. Walgreens
  110. Woman Within (WFNNB)
  111. World Financial Network National Bank

Note: WFNNB stands for World Financial Network National Bank. WFNNB is a subsidiary of Alliance Data Systems, the same company that owns Epsilon.

Thanks to all those who have copied and pasted in the emails you have received. If you have something you think I’m missing, please check the list first to see if I already have the name of the company and a working linked copy of the notice. If not, post away!

UPDATE 4-08-2011 I deleted a number of submitted comments because they are describing phishing attacks that have nothing to do with the Epsilon breach. Phishing attempts appearing to come from FedEx, DHL, etc., are old news and while you should continue to be alert so as not to fall for them, this list is only for notices that people received concerning the Epsilon breach or evidence that a phishing attempt is because of the Epsilon breach (e.g., if you used a unique email address for a company and now get a phishing attempt at that address after you were notified of the Epsilon breach).

Email address to report phishing attempts corrected. It is [email protected]

UPDATE 4-09-2011: If you’re first receiving a notice from a firm not previously mentioned on this list, please let me know the date of the email, too. There are a few entities that have been reported that do not appear on the list yet because I do not have copies of their notices or links to web sites where they are posted.  Sometimes people say one thing but when they check, it’s another company, so I need to wait for some proof before posting.

UPDATE 4-09-2011: It seems that overnight, World Financial Network National Bank (WFNNB), a subsidiary of Alliance Data Systems – the same company that owns Epsilon – removed the email security notice that they had linked to from a number of their store credit card sites. If I were paranoid, I might think that they removed it because I was linking to it. In any event, links from the above list may no longer work.

Benefit Cosmetics. What’s significant about their report is that they appear to be former clients of Epsilon, raising the question of why their data were on the compromised server. Did the breach occur while they were still clients or did Epsilon not remove their data from their server after they stopped using their service?

An email sent to DataLossDB, who shared it with this site, read:

While we wish this was about lipstick, we have important news regarding your email address.

We were just informed by a former email vendor that the database with our customers’ names and email addresses has been compromised by an unauthorized person.  The only information at risk is your name and email address.

The vendor has assured us that "a rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway."  This data breach has also affected several other companies that work with this vendor.

About the author: Dissent