Was "Home Shopping Network" hacked?

[Cass Broadview]

Was the "Home Shopping Network" hacked, and information about me given out? Is this legit? I do have a HSN credit card. I'm concerned because it starts out "Dear HSN Customer,".
Important Customer Service Notification

Sunday, April 3, 2011 3:02 AM
From: This sender is DomainKeys verified"HSN Customer Service" <CommunityNews>
Add sender to Contacts


April 2, 2011

Dear HSN Customer,

HSN values your trust and wants to make you aware of a recent incident. We learned from our email provider, Epsilon, that limited information about you was accessed by an unauthorized individual or individuals. This information included your name and email address and did not include any financial or other sensitive information. We felt it was important to notify you of this incident as soon as possible. We apologize for any inconvenience and have outlined below a number of email safeguards to help ensure your privacy online.

Email scams, spam, and other attacks on email systems are on the rise, but, by taking certain precautions when receiving emails, you can continue to safely use email for your business and personal needs:

•Don't open links or attachments from people you don't know and trust.
•Don't provide personal, financial, or other sensitive information when asked to do so by email. Most reputable companies do not ask for such information by email, and, rest assured, we will not do so.
•If you receive an email appearing to come from us that does ask you for sensitive information, do not respond, click on any links, or download any attachments. Instead, please inform us immediately at the toll-free number or email address provided below.

We take your privacy very seriously and work diligently to protect your information, whether held by us or by our service providers. HSN's internal databases, which store all customer-provided data, were in no way compromised. Our email provider has taken significant steps to further protect the limited customer information held in its databases. If you have any questions or concerns regarding this incident, please contact us toll free at 1-800-933-2887 or email us at customerservice@hsn.com.

Sincerely,
Gregg Stallwood
Senior Vice President, Customer Care – HSN

Please do not reply to this email. If you would like to contact us, please call us toll free at 1-800-933-2887 or email us at customerservice@hsn.com.
HSN Interactive LLC | Attn: Customer Service | 1 HSN Drive | St. Petersburg, FL 33729‪

[Jack Stoner]

It appears to be legitimate. Several major clients that also use Epsilon also have the same issue. It looks like name and e-mail is apparently the only thing potentially hacked into.

Here is more info from Computerworld:

CLICK ME

[Wiz Feinberg]

You can include Kroger customers in the group of stolen email addresses and names of the people holding the accounts. This is rapidly becoming a monster hacking incident. Somebody at Epsilon was tricked into opening a Trojan Horse in an attachment. It was a Spear Phishing attack, targeting one specific individual and it worked.

Anyway, those affected can login to their accounts and change the passwords.

[Jim Smith]

Just heard on the news that you can add Walgreens to the hacked list. I think Epsilon has some 'splainin' to do!

[Chris Dorch]

Add Best Buy...

[Wiz Feinberg]

You can now add J.P. Morgan Chase Bank. However, the notice they sent says that it was mostly their own internal company email accounts and user names that were harvested. We shall see...

[Cass Broadview]

Yikes! thanks guys. I have a habit a leaving credit card info on my user accounts for easy paying. Is that a wise thing to do? I have accounts at JC Penney, Sears, HSN, QVC etc, and of course on file with my paypal account.

[Jack Stoner]

According to what has been posted, this is a company that sends out advertising for client companies. They could have your name and e-mail address but nothing else. Your personal info, including credit card, is only on the actual client's site (e.g. HSN site).