Members of the Yale community have received notification letters of a system breach at Epsilon, a major marketing services supplier to companies including Best Buy, Marriot and TIAA/CREF, said H. Morrow Long, University information security officer for ITS, in an e-mail to the Yale community. The breach leaked names and e-mail addresses but not financial data such as credit card or bank account numbers, Morrow said, but this breach might cause students to receive phishing e-mails, he added.
“As a result of this incident,” Morrow said in the e-mail, “it is possible that you may receive phishing email messages, emails that attempt to trick recipients into volunteering personal or credential-related information.”
He added that some students have already reported having received phishing e-mails from “malicious individuals.”
Morrow warned students to delete any suspicious messages straightaway and to never provide any personal information via e-mail or phone. Doing so could turn a Yale computer into a “spambot” that could prompt other e-mail providers to block Yale addresses, chief information officer for ITS Chuck Powell told the News earlier this year.
Students should report any suspicious e-mails to firstname.lastname@example.org.