Scammers likely to target M&S customers after data theft

Friday, April 8, 2011 - 13:19 by David Aiken

People who have bought products from the Marks & Spencer e-commerce site have been informed that they may become the target of cybercriminals, after an email provider used by the retailer suffered one of the world's worst data theft incidents.

Millions of people have had their email addresses exposed as a result of the hack of US firm Epsilon, with the result being that innocent consumers could be assaulted with spam mail linking to phishing sites, which will compromise their ability to conduct safe shopping online.

Epsilon handles high profile email campaigns for many of the world's largest companies, sending out in excess of 40 billion messages each year. Now its vast database of email addresses is feared to be in the hands of hackers, who could run amuck with the precious information.

In an email sent to thousands of UK customers, M&S explained the situation and apologised to any users who might see the levels of spam aimed at their email accounts increase, as a consequence of the leak.

The good news is that no financial information relating to any consumer has been stolen in the hack, with only email addresses and full names being accessed by malicious third parties.

Tesco is another leading UK retailer which has used Epsilon's email service to contact customers before, but a spokesperson for the firm said that it did not believe those who used its portal for safe shopping online would be affected by the recent leak.

It is possible to see the data theft and subsequent spamming as a positive, as it will help to educate consumers about the dangers of illicit emails and phishing sites, which can aid crooks in stealing identities and committing other acts of fraud with relative ease.