Network Security Blog » Customer information stolen.
Three database/email server compromises were revealed over the weekend. A business partner of McDonald’s lost their promotional mailing list, Gawker’s entire user database was compromised and posted, and the DeviantArt user mailing list was also stolen, along with additional user information, again through a partner. None of these cases involved financial data; none of these would have been covered in any way by the PCI requirements.
So what is the value to the hackers? Martin sums it up nicely:
The danger with the McDonald’s and DeviantArt compromises isn’t the account names, it’s the the potential for phishing and other scams. The phishers now have a validated list of customers they can target their spam at, quite likely starting with fake alerts about the compromise itself to get users to click on links to malicious sites. From there, they can move on to lower impact, less obvious attacks, but that’s how I’d start. The potential of a user trusting an email warning them of danger is quite a bit higher than the other emails.
PS: Walgreen’s customer email list was compromised. Again, no big deal, just email addresses. But as Martin said above, a valid list of email addresses is a great starting point for phishing scams.