Another email service provider breached. A laughing matter?

Don't laugh at the Epsilon data breachBy now, you’ve heard about the massive breach at Epsilon on March 30.

First, I should tell you, this is no laughing matter. There’s lotsa bad here. Anybody guessing that a few email addresses are not a big deal should know that an enterprise marketing service provider like Epsilon probably got hacked by very determined and highly motivated professional spammers. These guys know the value of an email address, both a lousy one scraped from the web and a good one stolen from a provider to Fortune 100 companies.

If a phishing attack to 100,000 addresses yields 100 successful responses, what if you could steal 1,000,000 addresses? How about 10,000,000? As ISPs get better at blocking spam and ESPs get better at avoiding lousy lists, companies like Epsilon become bigger, redder, hotter targets.

Laughing? Not me.

Let’s say you’re a competitor. Maybe you’re Silverpop. They’re sure not laughing.

AWeber isn’t laughing either.

With every one of these attacks, other email service providers may think about how to respond. Thoughts may range from “How do we exploit this?” to “Let’s just shut up and be glad it’s not us.” This time.

ESP customers will also be thinking about security as they vet their next ESP. So every ESP needs to decide what they’ll say. The best solution is to treat this carefully, in private and in public, making sure to keep the system and software up to security standards, strengthen relations with service vendors, and to communicate a unified response to everyone.

“It can’t happen here,” is probably a phrase to avoid. By now, it seems obvious that somebody is next.

So nobody is laughing.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s