Disney Destinations Email - Emails compromised

[Cafeen]

For those worried about additional information. Epsilon is a marketing company. As such, they wouldn't even have access the payment information information for Disney (or any of these other companies). They simply handle the Email lists and sending out various promotional "things" for their clients. Stuff like this happens very, very often. It only gets reporting when big name companies get hit (or when it's this widespread).

Now, with breaches like this, there's always a chance to get hit with spam and/or other "bad things". But, in the wild world of the internet, there's also a chance to get hit with them every day, even from reputible sites. The biggest concern would likely be the random spam that most of us deal with anyway.

Grab a good (read: not Norton or MacAfee) Anti-virus with a real-time scanner and another anti-Malware program (I personally use Avast! for my anti-virus and Spybot S&D as well, both have real time shields, and even better, both are free for home use and have a much higher "catch-rate" than the big names), run some scans, turn the shields on, and follow safe-browsing tactics (there are lots of articles on this that you can find) and you'll be fine.

And to note. National news has a very long track record of blowing things out of proportion for either ratings, or some other effect. If the effect of this is to reinforce anti-virus and safe-browsing, then it's good in the long run, but nothing to panic about.

 

[POOHsie]

I am not blaming Disney nor do I expect compensation...I expect the problem to be addressed and fixed.I was commenting on the people that said Disney should send a discount to make up for it..I was commenting to show It is NOT a disney-only problem, that many many companies are involved that use this 3rd party provider that was hacked.

No flames for anyone. Just a general comment about what happened.

I got the letter from Disney Destinations and one from Kroger. Third-party company Epsilon, who seems to have handled email service for Disney Destinations, Kroger, NY & Co, Kohls, and multiple other companies, should have had the best safeguards in effect so as not to be hacked. To say "the problem should be fixed," I reply: they went cheap on securing their data (actually MY data) in the first place.

 

[jgraney106]

I received a blank email from them today. Would really like to know if the ones that received blank emails are different somehow?

 

[larryz]

I'm more inclined to believe the news reports stating that this was a malicious hack of not just "Disney" emails, but of all companies affiliated with that email system in attempt to gather information.

Unless you sent your email password along with your last message to Disney, you won't have much to worry about. You're far more likely to infect yourself by clicking on a link in an email from someone you don't know. That said, there are some things you can do to help protect yourself...

Things to do today:
1) make sure my operating system and browser of choice are fully patched with the latest security updates.
2) make sure my anti-virus is current and all the internet security options are turned on and functioning.
3) make sure my router's and/or my computer's firewall is running and blocking all unsolicited packets coming inbound from the internet.
4) remind all the users on my home network to NOT click on any links in emails from strangers or from these companies reporting hacks in their email providers' databases.
5) remove attachments from emails and scan them individually and separately from the email application.

If you do all of that, you should be just fine. Incidentally, that's the stuff you should be doing on a regular basis anyway...

 

[kikiq]

I recently started receiving spam on one of my email accounts and couldn't figure out why. It's an account I use for personal use and purchases. I also received the email from Disney yesterday. It does explain why that one account was getting spammed.

 

[mlittig]

I also got the Disney Destinations e-mail today

 

[valentine92]

I got the email too from Disney Destinations and HSN

 

[rie'smom]

I went to my Disney account, banking, HSN, PayPal, ebay, and email accounts and changed passwords. Hopefully this will help. I had to write them down because instead of most of them having the same password, they are now all different.

 

[Nancy F]

Any company who uses Epsilon will be getting in touch. Or should. One was my Airtran's Visa.
Nancy

 

[kathie859]

Received the email from Disney Destinations first THEN from US Bank who uses the same company.. Would have thought the bank would have been first!

 

[Craigdarroch]

Unless you sent your email password along with your last message to Disney, you won't have much to worry about. You're far more likely to infect yourself by clicking on a link in an email from someone you don't know. That said, there are some things you can do to help protect yourself...

Things to do today:
1) make sure my operating system and browser of choice are fully patched with the latest security updates.
2) make sure my anti-virus is current and all the internet security options are turned on and functioning.
3) make sure my router's and/or my computer's firewall is running and blocking all unsolicited packets coming inbound from the internet.
4) remind all the users on my home network to NOT click on any links in emails from strangers or from these companies reporting hacks in their email providers' databases.
5) remove attachments from emails and scan them individually and separately from the email application.

If you do all of that, you should be just fine. Incidentally, that's the stuff you should be doing on a regular basis anyway...

It has nothing to do with sending "Disney" or any other company your password or email. It has to do with them hacking your system via your email. Once they have your email, they send you messages that look like spam. Once you even click on that email to delete it... they've got you. From there, even though the email is deleted they have a worm that starts tracking everything you do on your computer, including online banking and making purchases online.
This is nothing new and has been happening for years. Literally thousands of companies have been hacked in this way (they may not be upfront about it as Disney was but trust me, it happens every day).
In many cases, your virus protection will block it, but there are new information gathering worms coming out every single day so it's hard for even programs like Norton and McAfee to keep up with them.

 

[DL50Cruiser]

Thanks!

 

[Tinkerbelle32]

We got the dreaded email as well! I called Disney and received the same"I'm sorry" bit and was then told to call att and see if they have a stronger spam filter. Good lord, I'm getting sooo much junk mail now.

 

[larryz]

It has to do with them hacking your system via your email.

They can't "hack your system via your email" without your help.

Turn off the Outlook preview pane on your inbox (and your junk mail folder). Don't click on links in an email. Don't open attachments without scanning them.

Now that we know they have our live addresses (and they know they're live addresses), we'll just have to be even more careful and watch out for sneaky-trapped messages.

I want to know if the hacker got the client names along with the victim email addresses and user names. If he did, we can't trust emails from Disney Destinations any more.

 

[manning]

I got something like this a couple of months ago pitching Viagra.

I got an email from a friend and didn't pay attention that there was not a title.

Someone had hacked his contact list and sent out emails with the virus.

I had to run the anti-virus and anti-malware programs to get rid of it.

If you opened the email I would you do the same.

 

[Lillian Gracey]

I've gotten quite a few of these emails in the last couple of weeks or so. I never opened them because there was a red exclamation point next to the sender name so that was a red flag right there.

 

[mamamary]

I just got the e-mail this morning

 

[chuckml]

I got it too. I have used 2 different email addresses on the WDW website in the past, and I got the warning to both addresses.

 

[DRDISNEYMD]

I got one from Disney Destinations and HSN yesterday. But this morning I got one from Chase Bank! At least they informed us in their email that they already have a team at Epsilon investigating to make sure no other info has been accessed.

 

[Sneezie]

I got the e-mail this morning too. It's a good thing I use my work e-mail address to receive Disney Destination information and my company has very strong anti-virus, anti spyware, etc. systems in place.