Epsilon Data Breach Exploited to Spread Malware

The recent announcement of a massive data breach incident at email marketing services provider Epsilon is being exploited by cyber criminals to distribute malware.

At the beginning of April, Epsilon Data Management, a subsidiary of Dallas-based Alliance Data Systems, announced that hackers managed to break into its servers and steal customer email lists for 2% of its clients.

Two percent might not sound that bad, but when it represents 50 of the world's top financial institutions, retail chains, computer manufacturers and other service providers, the number of affected customers falls into the tens or hundreds of millions.

Since the incident was widely covered in the media and most of the affected companies notified their customers about their breach, people's awareness regarding it runs high.

Unfortunately, this is exactly the kind of public interest that cyber criminals are looking to exploit, because it provides them with a very large pool of potential victims for little investment.

According to security researchers from Websense who spotted the recent attack, malware distributors have created a copy of the Epsilon website, but have added a rogue update to the official announcement.

The update claims the company determined that personally identifiable information associated with client emails might also have been disclosed, reason for which a special computer program was created to help customers determine if their details were compromised.

Advertised as "Epsilon Secure Connect Tool" the program is actually a trojan downloader that currently has a fairly low AV detection count, according to Virus Total. This kind of threats is usually used as a distribution platform for other malware.

Personally identifiable information (PII) was not disclosed as a result of the Epsilon breach and if people who have doubts about being affected can reach the company at 866-595-4896.