Saturday, April 9, 2011

Some email templates - hope you won't need them

These notices seem to be becoming more common:  "We regret to inform you that someone hacked into our system and stole your data. Sorry for the inconvenience."

Here are three that I've received this past quarter.  I suppose it will be handy to have these templates on hand - hope you don't need to use them.


Dear Marriott Customer,

We were recently notified by Epsilon, a marketing vendor used by Marriott International, Inc. to manage customer emails, that an unauthorized third party gained access to a number of Epsilon's accounts including Marriott's email list.

In all likelihood, this will not impact you. However, we recommend that you continue to be on the alert for spam emails requesting personal or sensitive information. Please understand and be assured that Marriott does not send emails requesting customers to verify personal information.

We take your privacy very seriously. Marriott has a long-standing commitment to protecting the privacy of the personal information that our guests entrust to us. We regret this has taken place and apologize for any inconvenience.

Please visit our FAQ to learn more.


Marriott International, Inc. 


Important information from McKinsey Quarterly

We have been informed by our e-mail service provider, Epsilon, that your e-mail address was exposed byunauthorized entry into their system. Epsilon sends e-mails on our behalf to McKinsey Quarterly users who have opted to receive e-mail communications from us.

We have been assured by Epsilon that the only information that was obtained was your first name, last name and e-mail address and that the files that were accessed did not include any other information. We are actively working to confirm this. We do not store any credit card numbers, social security numbers, or other personally identifiable information of our users, so we can assure you that no such information was accessed.

Please note, it is possible you may receive spam e-mail messages as a result. We want to urge you to be cautious when opening links or attachments from unknown third parties. Also know that McKinsey Quarterlywill not send you e-mails asking for your credit card number, social security number or other personally identifiable information. So if you are ever asked for this information, you can be confident it is not from McKinsey.

We regret this has taken place and apologize for any inconvenience this may have caused you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.
If you have any questions or concerns, please contact McKinsey Quarterly at For any media inquiries, please contact Humphrey Rolleston at +1-212-415-5321.

Rik Kirkland
Senior Managing Editor
McKinsey & Company


To our travel community:
This past weekend we discovered that an unauthorized third party had stolen part of TripAdvisor's member email list. We've confirmed the source of the vulnerability and shut it down. We're taking this incident very seriously and are actively pursuing the matter with law enforcement.
How will this affect you? In many cases, it won't. Only a portion of all member email addresses were taken, and all member passwords remain secure. You may receive some unsolicited emails (spam) as a result of this incident.
The reason we are going directly to you with this news is that we think it's the right thing to do. As a TripAdvisor member, I would want to know. Unfortunately, this sort of data theft is becoming more common across many industries, and we take it extremely seriously.
I'd also like to reassure you that TripAdvisor does not collect members' credit card or financial information, and we never sell or rent our member list.
We will continue to take all appropriate measures to keep your personal information secure at TripAdvisor. I sincerely apologize for this incident and appreciate your membership in our travel community.
Steve Kaufer
Co-founder and CEO
More information


Dear _________

Recently, Citi was notified of a system breach at Epsilon, a third-party vendor that provides marketing services to a number of companies, including Citi. The information obtained was limited to the customer name and email address of some credit card customers. No account information or other information was compromised and therefore there is no reason to re-issue a new card.

Because e-mail addresses can be used for "phishing" attacks, we want to remind our customers of the following:
  • Citi Cards uses an Email Security Zone in all of our email to help you recognize that the email was sent by us. Customers should check the Email Security Zone to verify that the email you received is from Citi and reduce the risk of personal information being "phished". To help you recognize that the email was sent by Citi we will always include the following in the Email Security Zone in the top headline portion of all our emails:
    • Your first name and last name
    • Last four digits of your Citi card account number
    • And recently to increase security, we have added your “member since” date located on the front of your card, where available. 

  • More information about phishing is available here:learn more.  
Important steps that you can take to protect your security online:
  • Don't provide your Online User ID or password in an e-mail.
  • Don't reply to e-mails that require you to enter personal information directly into an e-mail or URL.
  • Don't reply to or follow links in e-mails threatening to close your account if you do not take the immediate action of providing any personal information. We may send you an email regarding your account requesting you contact us via phone.
  • It is not recommended to use your e-mail address as a login ID or password.
If you suspect that you’ve received a fraudulent e-mail message, please forward it to us. Forward suspicious e-mails

If you have any questions or concerns about emails that you may receive that look suspicious, we encourage you to contact Citi Customer Service at the phone number on the back of your card.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Blog Archive

Flag counter

free counters