Recent events in the area of Internet security have shown that big players can make a difference and shut down hackers or hacking sites. But on the other hand, hackers are still successful. Point in fact. Epsilon, an outsourcing e-mail provider was hacked on March 30. Epsilon provides e-mail services for a number of private companies and the names and e-mail addresses of individuals, and in some cases, the account balances, were compromised. In fact, as I was writing this post, I got an e-mail from my bank telling me that their e-mails database had been compromised. The e-mail provider? Epsilon.
Epsilon’s e-mail Client Stadium
Epsilon is no small player in the outsourced e-mail market. They have a base of over 2,500 clients and send over 40 billion emails annually last year. Their client base includes 7 clients of the Fortune 10 to build and host their customer databases.
What the hackers expect to get is unknown. Perhaps it is nothing more complicated that saying that they can do it, but it also may play into the idea that as a learning experience the hackers can feel confident that their approach was successful. This in turn may lead to another attack in the not so distant future.
Who is to Blame?
Obviously the hacker. But from a business point of view, you have to look at Epsilon itself. How secure was their operation? Obviously, what ever their security was, it was not enough. But again let’s face it. Even the Pentagon has been hacked into. And you know that they are really tight with their security. The point? The point is that a determined hacker will succeed, it is just a matter of time. Who knows how long the hacker took. Maybe they’ve been at it for about 2 days, or 2 years. But it does pose a different question, why don’t the companies keep their own mail server in house? It’s possible, and they could hire a consulting firm to maintain and manage the e-mail service if they didn’t have their own expertise.