2K does not make alert statements often, but when we do it is urgent that our entire client base know about them as quickly as possible.
The two data breeches that we are alerting you to are going to cause targeted spam messages that will most likely NOT be blocked by the Barracuda Spam filter as they ramp up AND will cause fake antivirus or fake computer maintenance utility alerts to pop up.
The targeted spam is going to be coming from a huge database breech at Epsilon, a commercial email and PR company. Epsilon's clients include Kroger, TiVo, Walgreen Drugstore, Capital One Financial, and the Home Shopping Network (HSN). The information that was vulnerable was, for the most part, limited to names and email addresses of account holders with the companies that Epsilon had as clients. Over the weekend, many of those companies affected sent out official email alerts to their users (I received one from TiVo and Capital One) about the data breech. And I have already started seeing targeted SPAM messages on my personal account asking me to click on links that would then infect my computer. You can read more about this at Yahoo Finance.
The Second data breech involves hackers using an SQL Injection attack against servers running Oracle/Sun's open source database program MySQL. This started early last week and gained momentum as the week progressed. Webfiltering company WebSense was the first to report on this. This attack is being known as the Liza Moon SQL Injection attack due to some of the domain name hosting the attacks. While this attack is not gaining access to personal information, it is causing fake antivirus and fake system maintenance alerts to be served up from millions of websites. These alerts can be very deceptive and look very real. Clicking on any of these alerts would infect a computer and begin prompting you for credit card information as payment to clean the computer.
Should you feel that you have been affected by either of these attacks, please contact 2K immediately at 717-724-0537 for assistance.