View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Marks & Spencer, Verizon customers’ details exposed in Epsilon data breach

Expect spam emails, say companies, but add that banking details are safe

By CBR Staff Writer

Marks and Spencer (M&S) has warned its customers that their details may have been compromised in the data breach that affected online marketing company Epsilon.

The retail company is the first British company to admit it is affected by the attack.

In an email to customers, M&S said that customers could receive unsolicited spam mails because of the breach, which security analysts say is the largest Internet security breaches in US history.

M&S said that customers’ financial details were safe.

"We have been informed by Epsilon, a company we use to send e-mails to our customers, that some M&S customer e-mail addresses have been accessed without authorisation," the retailer said.

"We wanted to bring this to your attention as it is possible that you may receive spam e-mail messages as a result.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

"No other personal information, such as your account details, has been accessed or is at risk."

Many other large US company are also believed to be victims of the breach.

US mobile telephone carrier Verizon told its customers that it was also a part of the Epsilon data breach.

It said that customers of the company had their email addresses exposed in the breach, according to an email to customers obtained by Reuters.

It said, "Epsilon has assured us that the information exposed was limited to email addresses, and that no other information about you or your account was exposed."

Last week, Epsilon confirmed that hackers had stolen the names and email addresses from its database. It is believed that around 50 of the 2,500 companies were affected including Hilton Hotels, Best Buy, Barclaycard US and Capital One.

Epsilon placed a warning on its website saying that its database had been "exposed by an unauthorised entry."

However Epsilon had also added that the breach was limited to theft of personal information but not bank details.

It said, "The information that was obtained was limited to email addresses and/or customer names only."

"A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway."



Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.