The Epsilon data breach just got more serious — or at least, more embarrassing. When the database hack that compromised the subscriber lists of over 100 companies was first revealed, Epsilon said that only names and email addresses were exposed — meaning all the millions of people affected had to fear was a lot of spam and possibly some targeted phishing attacks. But now there’s a drug company on the Epsilon breach list; its client list included the drug websites to which its customers subscribed — and thus implies which medical conditions they may suffer from.
The Wall Street Journal reports that GlaxoSmithKline sent a letter to consumers over the weekend who had “registered with Glaxo Web sites for some prescription and nonprescription drugs and products,” warning them that their email addresses and names had been hacked, and that the stolen information “may have identified the product website on which you registered.”
Glaxo has websites for products ranging from HIV, bipolar disorder, and depression medication to Nicorette gum. And if you’re a Beano registrant, some hacker out there may be having a gas at your expense.
Read more here