According to the Washington Post, a few weeks ago, EMC reported to the SEC that its RSA Security SecurID system was victimized by “an extremely sophisticated” cyberattack. SecurID tokens are used by more than 30,000 private companies and government agencies. EMC said that, while personally identifiable information wasn’t compromised, other stolen information might pave the way for a future successful attack.
More recently, Reuters reports that online marketer Epsilon fell victim to a hacker, who accessed the names and email addresses of customers from major banks, retailers, and service providers. Affected companies included TiVo, Walgreen, Capital One Financial Corp., Target, HSN, and Citigroup. While sensitive information, such as account and credit card numbers, wasn’t stolen, the breach highlights the need for information security.
Now, the U.S. Senate Privacy, Technology and the Law subcommittee is investigating the Epsilon breach, and may move toward legislation designed to increase protection of online consumer information.