Sunday, April 17, 2011

GlaxoSmithKline Email Database Hacked




In what has become an all to frequent occurrence, I received the following email form GSK yesterday. I give them kudos for being forthright and letting me know about the security breach. After all, this wasn't something they were responsible for as they had a third party vendor that was/is handling their email. Unfortunately, they will get the flack for it even though it truly was not under their control.

What I've taken away from the recent news stories and alerts I've received about these email security breaches, is that it's become rather obvious that spam is big business. I mean I suppose we've all known that... since we're inundated with these worthless emails on a daily basis, but now? It's got to be really profitable if they are willing to perform electronic break ins to grab viable addresses.

Here's an idea: Instead of using filters, alternate addresses, and the like, we just all agree to not respond to these stupid things? If no one bought into these scams or responded to them, there would be no financial incentive and soon the spam would stop.

Also, everyone needs to be very aware of security and be on the lookout for phishing scams. When it comes to security, the weakest link is usually the human using the computer. It's very easy to fall prey to phishing attacks if they happen to get you at the wrong time. I've heard many tales of people who were victimized when they were tired, working on a tight work deadline, etc and just let their guard down for a minute.

Here is the email from GSK. Congrats to them for giving us the heads up.


Dear GlaxoSmithKline Consumer Healthcare Customer:

On April 4, 2011, we were informed by Epsilon, a company we have used to manage email communications on our product websites, that files containing the email addresses of some of our consumers were accessed by an unauthorized third party. You are receiving this message because you have registered on one of our product websites. For a list of our products, please visit our website, http://us.gsk.com/.

The information accessed included email addresses and first and last names. The file from which your name and email address were accessed may have identified the product website on which you registered. We take your privacy seriously and want you to be aware of this situation so that you can remain alert to any unusual or suspicious emails.

One of the primary concerns arising from a breach of this nature is that your information may be used to generate fraudulent email messages that may appear legitimate but are intended to gather confidential information that you would not otherwise reveal.

GlaxoSmithKline Consumer Healthcare will never ask you to provide or confirm any personal information in emails. Do not respond in any way to emails that appear to be coming from GlaxoSmithKline Consumer Healthcare that ask for personal information. If you receive an email requesting this information, you should delete it even if it appears to be legitimate. Any unusual or suspicious emails should be deleted without opening.

We also encourage you to take this opportunity to strengthen your passwords on any of your online accounts, particularly those that use the email address impacted by this breach as an account ID, to ensure your ongoing security. Additional information about protecting your personal information online is available at the Federal Trade Commission's OnGuard Online website.

GlaxoSmithKline Consumer Healthcare values your privacy and will continue to work to ensure it is protected. We apologize if you receive more than one copy of this message as we are working diligently to ensure you are aware of this situation. If you have unsubscribed from our emails in the past, there is no need to unsubscribe again. Your preferences will remain in place.

If you have any questions about this communication, please feel free to contact one of our knowledgeable consumer relations representatives at 1-800-245-1040.

Regards,



GlaxoSmithKline Consumer Healthcare



This email was sent to you by GlaxoSmithKlne based on a past or present relationship with us or one of our brands. You may receive consumer notifications even if you have unsubscribed from our product promotional email.




- Posted using BlogPress from my iPad

Post a Comment