Consumer Protection Division
(208) 334-2424 or
Toll-free at (800) 432-3545

Media Contact: Bob Cooper
(208) 334-4112

Date: April 5, 2011

Epsilon Marketing Data Breach Requires Extra Email Caution

(Boise) - Attorney General Lawrence Wasden issued a consumer alert today regarding the March 30th data breach at Epsilon Marketing, an Irving, Texas-based email marketing firm. According to Epsilon, hackers accessed its corporate clients’ records, which contained consumers’ names and email addresses. With more than 2,500 clients, Epsilon sends over 40 billion marketing emails annually. Law enforcement and Epsilon security are investigating the breach.

Idaho consumers likely have received emails already from one or more of Epsilon’s affected clients, warning of the breach. These warning emails, which will continue as more affected clients are identified, inform consumers of what occurred and remind consumers that companies will never ask for the consumer’s password or financial information in an email.

“The biggest risk from this data breach is that the thieves, now in possession of your name, email address, and business relationships, could send phishing emails. These emails will look like they came from a bank or retailer with whom you do business,” Attorney General Lawrence Wasden said. “Be very cautious about clicking on links in emails and never log into your account from an emailed link. Never email passwords, financial information, or other personal identifying information to anyone and always conduct financial transactions on secure websites.”

The list of affected businesses continues to grow, but currently includes the following:

  • 1-800-Flowers
  • AbeBooks
  • Ameriprise Financial
  • Barclays Bank of Delaware
  • Barclays L.L. Bean Visa
  • bebe
  • Benefit Cosmetics
  • Best Buy
  • Borders
  • Brookstone
  • Citi
  • College Board
  • Disney Destinations
  • Eileen Fisher
  • Ethan Allen
  • Fred Meyer (Kroger brands)
  • Hilton Hotels
  • Home Shopping Network
  • JPMorgan Chase
  • Lacoste
  • Marriot-Rewards
  • McKinsey Quarterly
  • New York & Company
  • Red Roof Inn
  • Ritz-Carlton Rewards
  • Target
  • TD Ameritrade
  • TiVo
  • U.S. Bank
  • Walgreens

Consumers who receive a phishing attempt because of the Epsilon data breach can report it to the U.S. Secret Service by emailing If consumers have questions or concerns about the data breach, Epsilon asks that they contact Sarah Branam at 303-410-5369 or at Consumers also can contact the affected companies directly with questions and concerns. If consumers lose money due to an email scam, they can file a complaint with the Internet Crime Complaint Center at or the Federal Trade Commission at

Consumers should monitor their credit reports for suspicious activity and can obtain a free copy of their report from the three major credit reporting agencies every year. To obtain a free report from each agency, consumers can visit Click here for more information about Internet safety and how to prevent identity theft.

File a Consumer Complaint St. Luke's Antitrust Case Other Consumer Topics Protect Yourself from Identity Theft Consumer Manuals Consumer Alerts Information on the National Do Not Call List Idaho Gasoline Issues