The Epsilon breach has ignited a new discussion about the sensitivity of e-mail data. The original list of 50 affected brands has grown to more than 100, representing organizations of all sizes and sectors. E-mail addresses have historically fallen outside the purview of PII, but in light of the breach, they are likely to be deemed much more sensitive. The financial industry, in particular, might see direction related to how e-mails are handled in the updated online authentication guidance from the Federal Financial Institutions Examination Council.”]
Source: https://www.healthcareinfosecurity.com/epsilon-breach-growing-impact-a-3564