The Australian division of technology giant Dell yesterday warned that some local consumer and small business customers had had their email addresses and first and last names exposed in the giant security breach suffered by US email marketing giant Epsilon.
“Dell’s global email service provider, Epsilon, recently informed us that their email system was exposed to unauthorised entry,” the company’s consumer and small business executive director for Australia, Deborah Harrigan, wrote in an email to what appeared to be affected customers.
“As a result, your email address, and your first name and last name may have been accessed by an unauthorised party. Epsilon took immediate action to close the vulnerability and notify US law enforcement officials.”
The executive noted that no credit card, banking or other personal information was disclosed in the hack, but warned customers to be alert to suspicious emails requesting further personal details from customers. In addition, Harrigan wrote that Dell had notified the Australian privacy commissioner and the Australian Communications and Media Authority of the breach.
“Dell Australia takes its commitment to protecting customer data very seriously,” Harrigan wrote. “We sincerely regret that this incident has taken place and we will continue to work with Epsilon to ensure that all appropriate measures are taken to protect your personal information.”
Asked to comment, a Dell spokesperson issued a similar statement to that sent by Harrigan directly to customers.
The list of companies affected has grown rapidly since the breach was disclosed this week, with a large number of primarily US-based companies affected — with top tier names like Citigroup, Disney, L. L. Bean, TiVo and others notifying their customers of the hack.
Security experts have warned that the breach has the potential to fuel further attempts to breach the privacy and security of customers who have had their email address stolen, as attackers may seek to contact affected email addresses to request further information such as credit card details.
However, Epsilon yesterday in the US said that the affected clients represented only approximately two percent of its total client base.
“We are extremely regretful that this incident has impacted a portion of Epsilon’s clients and their customers. We take consumer privacy very seriously and work diligently to protect customer information,” said Bryan J. Kennedy, president of Epsilon, in a statement. “We apologise for the inconvenience that this matter has caused consumers and for the potential unsolicited emails that may occur as a result of this incident. We are taking immediate action to develop corrective measures intended to restore client confidence in our business and in turn regain their customers’ confidence.”