Best Buy Reports Another E-mail Breach
A month after Best Buy Company, Inc., reported that some customer e-mail addresses were illegally accessed through a marketing partner, the retail giant confirmed Wednesday that another group of e-mail addresses were stolen through a former vendor.
A Best Buy spokeswoman said the company discovered on April 22 that “the e-mail addresses of some Best Buy customers were accessed without authorization,” adding that: “We kept customers informed because we knew it was the right thing to do.”
Last month's incident involved Irving, Texas-based marketing vendor Epsilon, which sends e-mails for thousands of companies across the United States. Numerous other local companies were also affected by the breach-including U.S. Bancorp and Ameriprise Financial, Inc., both of which are based in Minneapolis.
Richfield-based Best Buy didn't provide much information about the more recent hacking incident, but the spokeswoman did say that “this is a completely new situation and involves a completely separate vendor.”
The company said that it ended its relationship with the vendor, which it didn't name, prior to the breach “as part of a strategic business decision unrelated to data security.”
Best Buy is pursuing legal action as a result of the just-announced security breach.
The company said that it continues to work with various companies to execute e-mail marketing. Its primary e-mail service provider is Indianapolis-based ExactTarget. Best Buy said that Exact Target “is widely considered an industry leader in e-mail security” and that “they have been instrumental in helping Best Buy manage recent data security issues.”
About the two breaches, Best Buy said: “We regret these situations have taken place and for any inconvenience that may have been caused.”
Best Buy is Minnesota's third-largest public company based on revenue, which totaled $49.7 billion for the fiscal year that ended in February 2010. The company reported $50.3 billion in revenue for its most recently completed fiscal year.