The email marketing firm, Epsilon, used by Best Buy, Kroger, Walgreen's and Tivo, experienced a security breach where customer email addresses were accessed by an unauthorized party. 

Epsilon has over 2,500 clients and sends more than 40 billion emails daily.  Its other clients include Brookstone, US Bank, the Home Shopping Network and J.P. Morgan Chase.  We expect the list of well-known companies to grow as more information is released.

The information accessed is supposedly limited to first names and/or email addresses only.  Other personally identifiable information was reported as still being secure.

Email addresses obtained could be used for spear phishing attacks so be aware and scrutinize any emails you receive from these companies or from other trusted sources.

Our Advice: 

-  Don't open emails that appear suspicious.

-  Don't click on unknown attachments.

-  If you receive an email asking for personal information, delete it.

-  Verify that your anti-virus is up-to-date.

-  Ensure that all your systems are patched and up-to-date.

-  Be prepared for an increase in spam.

-  Cover this example in your Security Awareness program.

-  Include spear phishing and other social engineering tests in your annual, full-scope IT Audit and Network Vulnerability Assessment.

Feel free to forward this email to your employees so they are aware.  Continue to monitor the major news outlets as more information on this security breach becomes available.