During the last couple of weeks it’s likely that you have received a similar e-mail notifying you that your e-mail address was stolen. Epsilon, one of the largest e-mail marketing companies, had its database breached and “a subset of Epsilon clients’ customer data were exposed.” According to Epsilon the breach was limited to e-mail addresses and/or customer names only. No other personal identifiable information was stolen.

The scope of the breach and the list of large customers involved, make this one of the largest security breaches of its kind. While only about 50 clients were involved they include some of the largest companies such as Citigroup, Capital One, Walgreen, Best Buy, Target, Hilton, Kroger, Tivo, US Bank, Disney, The College Board, and Marriott.

Spear-Phishing

Even though the breach only included e-mail addresses and names, many security experts are concerned about the implications. Simply knowing someone's email address and their spending habits - or at least the brands with which they have some sort of relationship - may make it easy to craft a targeted and sophisticated phishing attack.

If scammers know that you have a credit card with Capital One, for example, they may send emails asking you to log into a website and provide personal information that will give them access to more data, including financial information. People do fall for these targeted “spear-phishing” attacks, because they appear to come from a company they have a relationship with.

Phishing Prevention

Phishing attacks are not uncommon, but, if you keep your guard up about where you click and what information you enter into a Website, you'll probably be safe. But phishing attacks do work, even if it's just for a small percentage of recipients. And as the breach at Epsilon has exposed tens of millions of email addresses, even that small percentage could prove to be a sizable number.

When you receive an email from any company you have a relationship with, make sure you scrutinize it fully. Look at the email address and verify the sender. Look for typos and strange URLs. But don't click on those links.

If you do get a suspicious email - particularly one with an urgent tone asking you to update your personal information - pick up the phone and call the company in question. Remember: very few (if any) companies will ask you for sensitive information via email. If in doubt, log into the company website directly and verify the request.

Explore Insurance

Any organization that maintains a database of customer information is at risk. Make sure you understand the liability you face and explore purchasing Network Security and Privacy Insurance.

• Coverage for data and other non-physical perils is routinely excluded under Property policies.
• The “intentional acts” exclusion found in a standard E&O policy might eliminate coverage if the breach was caused intentionally by an employee.
• E&O coverage may not respond at all for acts that are outside the provision of professional services.
• Liability arising out of the destruction of electronic data is not typically covered under the standard General Liability or Property policies.
• Crime policies generally only cover theft of money, securities or other tangible property – not information theft or the destruction of electronic data.

Don't be the cobbler with holes in his shoes! You need to take the appropriate risk management steps to protect the private client information contained within your electronic and physical files.

If that does not work, you will be glad you have separate coverage.

The Northwest sported two of the top 10, with Portland, Ore., ranked No. 10 in the list of the nation's 50 largest metro areas. Rounding out the first five were Boston, Washington D.C., San Francisco and Raleigh, N.C. Atlanta, Minneapolis, Denver, and Austin, Texas completed the top 10.

At the bottom, as in least dangerous, were Detroit (No. 50); El Paso, Texas (No. 49); and Memphis, Tenn. (No. 48).

The complete 50-city ranking can be downloaded from Symantec's Web site ( download PDF ). A more detailed description of the rating methodology and the scores for each city are available in 16-page report ( download PDF ).

Symantec also released a similar ranking for Canadian cities ( download PDF ), which puts Burlington, Ontario, at the top of the list and Longueuil, Quebec, at the bottom. Vancouver, British Columbia, the host of the 2010 Winter Olympics, was rated the fourth-most-dangerous city in Canada.

Roboform manages all of your password-encrypted web sites with one master password. Just list your favorite secure sites and access information once in Roboform, and every subsequent time you visit those password-protected URLs, the program will log you in automatically. For added security, your Roboform master password encrypts the user IDs and passwords it manages, rendering them inaccessible to unauthorized users and unreadable by hackers even if they are stolen.

www.RoboForm.com