Australia's Privacy Commissioner to Investigate Epsilon Breach

Australian Privacy Commissioner Timothy Pilgrim has launched an investigation into the recent data breach at email marketing services provider Epsilon which resulted in the exposure of millions of email addresses.

The security community is still in shock over the extent of the Epsilon breach which affected the customers of around 50 of the world's largest financial institutions, retail chains, computer manufacturers and other service providers.

Epsilon, a subsidiary of Alliance Data Systems, boasts about being the world’s largest permission-based email marketing provide, but its biggest concern right now is reassuring over 2,500 clients that it is capable of safeguarding the privacy of their customers.

"We fully recognize the impact this has had on our clients and their customers, and on behalf of the entire Alliance Data organization, we sincerely apologize," said Ed Heffernan, chief executive officer of Alliance Data.

"While we can't reverse what has already happened, we are taking every measure necessary to protect our clients and their most valuable assets – their customers," he added.

The fallout extended beyond US borders with Dell notifying its Australian customers that their email addresses and names have been exposed as well.

There are reports of more Australian companies beeing affected since Epsilon has offices in the country. As a result, the Australian Privacy Commissioner launched an investigation to establish the true extent of the breach.

"We will be contacting Epsilon to see if there are any other Australian companies involved in this breach," Privacy Commissioner Timothy Pilgrim said, according to The Australian.

"I would want to call on all those companies dealing with Epsilon to look at how they are notifying their customers, as Dell has, should there have been the same level of compromise. I want to see what action is being taken," he added.

The Privacy Commissioner also said there was a risk of cyber criminals using the information combined with known business relationships to launch targeted attacks.