Hackers Steal Names and E-Mails of LLB Card Holders

 

In a letter to L.L.Bean credit card holders, Barclays Bank of Delaware said hackers had only obtained their name and email address, but warned them to be alert to spam asking for additional information about their accounts.

“Please note, Barclays will never ask you in an email to verify sensitive information such as your full account number, Username, Password or Social Security Number,” read the letter. “Therefore, any email which does so should be treated suspiciously, even if it looks like it comes from Barclays.”

Barclays said the data breach occurred at Epsilon, a third party provider of permission-based e-mail marketing services, owned by Alliance Data Systems Corporation (ADS) of Dallas. Epsilon has warned customers of Best Buy Co., TiVo Inc., Walgreens and other retailers that their credit card customer’s information was also hacked. ADS said Wednesday that only about 2% of Epsilon’s total client base was affected by the breach.

Epsilon is working with federal authorities, as well as other outside forensics experts, to both investigate this matter and to ensure that any additional security safeguards needed will be promptly implemented. The company has already reviewed its security protocols and further restricted access to the system pending its investigation.

“While we can't reverse what has already happened, we are taking every measure necessary to protect our clients and their most valuable assets – their customers,” said Alliance Data CEO Ed Heffernan in a statement released Wednesday aimed at ADS investors. “We will leave no stone unturned and are dealing with this malicious act by highly sophisticated cyber-thieves with the greatest sense of urgency.”
Epsilon said that it had already resumed marketing campaigns for some affected clients and did not expect its email volumes to be significantly impacted.