Comments on: Data breach is the Exxon Valdez of privacy Where media and technology meet Wed, 16 Nov 2016 08:48:25 +0000 hourly 1 By: ColoradoRob Thu, 07 Apr 2011 14:57:44 +0000 If you have a valid point, it’s buried deep under the FUD.
You wrote:
someone penetrated Epsilon’s security, and was able to download millions of names and addresses, which presumably are being sold on the black market at this very moment.

Epsilon has not disclosed raw numbers, so “millions” is clearly a guess. Nobody knows who did it, so “being sold on the black market at this very moment” is nothing but hyperbolic fearmongering.
My home address is in the phone book, so presumably there are burglars driving there at this very moment!

You also wrote:
The immediate result will be literally billions of spam and fraud messages flooding inboxes around the world

I agree that this would be one possible result of one of your conjectures, but it’s a huge reach to claim it’s an immediate result of the actual events.

This blog, and the comments written before mine, are all from people with a financial interest in people’s fear-based reactions. How about we hear from someone (anyone!) who’s not going to make a buck from this?

By: privachi Thu, 07 Apr 2011 04:35:07 +0000 Nice analogy! Yes, with every passing day, users have more data online, and more importantly, this data is centralized in a few services such as that provided by google and facebook. In the past, users data was distributed across services, and each of these services never ended up having a complete context (name, age, location, relations, friends etc) of the user, which meant that loss of data never ended up being very serious. Going forward, few services having all the data implies that a breach in one place can lead to a very large, highly contextualized data of the user.

Privachi ( a privacy-centric social network is an attempt in the direction of putting control back in the users hands. On Privachi, user decides where her social data resides (she can pick to have her text updates be stored in yahoo mail or her dropbox account, or her account, photos stores in picasa or flickr account, and video in youtube account), as well as lock her social data in such a manner that the storage provider or Privachi cannot unlock it. Only the user’s friends can. The goal is to decentralize storage of users data so that a breach in one location will imply only limited data loss, without revealing the context of the user.

By: HongwenZhang Wed, 06 Apr 2011 22:05:18 +0000 Thanks for your post, and for helping to keep your readers informed about this breach. In order to defend against this type of attack, businesses can no longer rely on point solutions such as firewalls, IDS/IPS devices, or simple IP reputations. Solutions that can provide deep content inspection to detect embedded attacks across email and Web sessions should also be implemented. This breach also illustrates the importance of ensuring network layer Data Leakage Prevention (DLP) for service providers, in order to prevent the outflow of email addresses. Our company, Wedge Networks has focused on building such solutions for years, and is leading efforts to prevent the good things from flowing out, and bad things from flowing in.