Is Your Customer’s Information Secure?

Posted by: Robert Brenis CGEIT, CISA, CRISC, PMP
Monday, April 4, 2011

Over the weekend, a security breach at Epsilon, an online marketing unit of Alliance Data Systems Corp., exposed millions of people to phishing attacks. Epsilon’s customers include well-known and large companies such as Citigroup Inc., Capital One Financial Corp., JPMorgan Chase & Co., U.S. Bank, Barclays Bank, Ameriprise Financial Inc., Walgreens, Kroger Co., New York & Co., Verizon Communications Inc., TiVo Inc., the Home Shopping Network, Hilton Hotels, Best Buy, Disney Destinations, Kraft Foods Inc., AstraZeneca, and College Board.

Hackers broke into Epsilon’s database and accessed millions of names and email addresses. While financial information such as credit card numbers or social security numbers does not appear to have been compromised, hackers will likely use the names and email addresses to try to lure people into providing them with their account login information.

Because of a breakdown in the security of one of their vendors, all of the companies listed above have had their reputations damaged with their own customers, who trusted them with their personal electronic data. Do you know if your customers’ personal and financial data is secure with your vendors?

One way to be sure is to insist that the vendors who store your customers’ information regularly undergo SAS 70 audits (soon to be replaced with Service Organization Controls (SOC) reports). This ensures that they have controls in place to keep your customers’ information secure.

Click here to learn more about SAS 70 auditing or here to learn about the conversion to SSAE No. 16. We invite you to post a comment or question below or contact our SAS 70 Group at 440-449-6800 for more information.
