Epsilon

March 2011

Tens of millions affected

In March 2011, Epsilon, the world's largest permission-based email marketing service, announced that the names and email addresses of customers of Citigroup, TiVo, and many other U.S. companies, were exposed in a huge data breach. The hack affected names and email addresses stored in over 108 retail stores, major financial firms and non-profit organizations like College Board. At the time of the incident, Epsilon had more than 2,500 clients sending 40 billion emails annually.

Result: Epsilon notified clients of the breach on April 1. Epsilon's clients then notified their customers of the hack. Epsilon has stated that 50 clients were affected, but the exact number of names and email addresses has not been released. Computerworld.com estimated that "tens of millions" of people were affected.

Sony

April 2011

77 million customers affected

In the spring of 2011, Sony was hacked through its through its PlayStation Network twice. The first security breach exposed customers' personal information to hackers, but not their credit card information. The second hack, disclosed in late April, did result in customers' credit card information being stolen. The pair of hacks affected 77 million people.

Result: Two weeks after the breach, Sony released a PlayStation 3 firmware update as a security patch. The firmware required users to change their password.

Global Payment Systems

March 2012

7 million customers affected

In the spring of 2012, the credit card processor service Global Payment Systems discovered that 1.5 million credit card records had been stolen from its system. Additionally, roughly 5.5 million consumer records were compromised, bringing the total to 7 million.

Result: As a result of the breach, Global Payments was delisted until it could prove it was in compliance with security standards. In April 2013, the payment card networks returned Global Payments its client list after it proved it was compliant with security standards.

Zappos

January 2012

24 million customers affected

In early 2012, the online retail store Zappos announced that it had been hacked, exposing the names, addresses, phone numbers, partial credit card numbers, and email addresses of 24 million customers.

Result: One day following the cyberattack, Zappos sent emails to all customers directing them to change their passwords.

Adobe Systems

October 2013

152 million customers affected

In October, the computer software company Adobe disclosed that hackers obtained personal data for almost 38 million of its customers, including names, credit and debit card numbers, and expiration dates. In November, it was discovered that the hackers had posted the personal data of more than 150 million Adobe users.

Adobe Call Center: 1-800-833-6687

For more information, Rhode Islanders may contact the Consumer Protection Unit at the Office of Attorney General at 401-274-4400 or by email at [email protected].

Target

December 2013

110 million customers affected

In December, Target announced that 40 million customer accounts were hacked stealing encrypted PIN numbers, credit and debit card numbers, card expiration dates, and the embedded code on the magnetic strip on the back of cars. Additionally, 70 million customers' personal information was compromised.

Target Call Center: 1-800-440-0680  

For more information, Rhode Islanders may contact the Consumer Protection Unit at the Office of Attorney General at 401-274-4400 or by email at [email protected].

Neiman Marcus

January 2014

1.1 million customers affected

In January, high-end retailer Neiman Marcus revealed more than 1.1 million customers were affected in hack. Between July 2013 and October 2013, customer payment cards could have been potentially visible to hackers. Additionally, 2,400 unique customer payment cards used at Neiman Marcus stores were subsequently used fraudulently.

Neiman Marcus Call Center: 1-888-888-4757

For more information, Rhode Islanders may contact the Consumer Protection Unit at the Office of Attorney General at 401-274-4400 or by email at [email protected].

Yahoo

January 2014

Up to 81 million U.S. users

Late last month, Yahoo disclosed that Yahoo's email customers may have had their passwords compromised through a third-party application. The web company recently identified a coordinated effort to gain unauthorized access to Yahoo Mail accounts, and notified RI Attorney General Peter Kilmartin. Upon discovery, the Company took action, urging users to reset passwords on impacted accounts.

Yahoo Call Center: 1-800-318-0612

For more information, Rhode Islanders may contact the Consumer Protection Unit at the Office of Attorney General at 401-274-4400 or by email at [email protected].

Michaels Stores

January 2014

Number of affected customers yet to be determined

In January, Michaels Stores announced that it is investigating a possible data security breach that may have led to customers' debit and credit card information being compromised. Michaels has more than 1,250 locations in the United States, including four in Rhode Island.

Michaels Stores Call Center: 1-800-642-4235

For more information, Rhode Islanders may contact the Consumer Protection Unit at the Office of Attorney General at 401-274-4400 or by email at [email protected].

White Lodging - Marriott, Hilton, Sheraton, Westin

February 2014

Number of affected customers yet to be determined



This week, the hospitality company White Lodging Services announced that a data breach occurred at 14 of its properties including Marriott, Radisson, Renaissance, Sheraton, Westin and Holiday Inn franchises around the country. Compromised information may have included names printed on credit or debit cards, the actual numbers, the security codes and expiration dates.



White Lodging Call Center: 219-472-2900.

For more information, Rhode Islanders may contact the Consumer Protection Unit at the Office of Attorney General at 401-274-4400 or by email at [email protected].