Those of you who carefully craft a new e-mail alias for every e-commerce site you use will likely have to start all over again thanks to a new data breach. E-mail marketing vendor Epsilon—used by numerous banks, retailers, and other online services—reported Friday that an unauthorized party had accessed its system on March 30. The breach exposed customer names and e-mail addresses from "a subset of Epsilon clients' customer data," exposing those users to increased spam and phishing attacks.

According to a very brief statement issued by Epsilon, no other customer data was exposed besides names and e-mail addresses. "A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway," the company wrote.

There are plenty of companies on Epsilon's client list that may look familiar to you—they include big names like J.P. Morgan Chase, Capital One, US Bank, TiVo, Best Buy, McKinsey, Marriott, Kroger, Walgreen's, Disney Destinations, the US College Board, and roughly 2,500 others. Although Epsilon did not notify the exposed individuals, many of Epsilon's clients did send notices directly to users over the weekend. TiVo, for example, assured users that Epsilon did not have access to service information or credit card details, while Best Buy said it's "actively investigating" the incident in addition to Epsilon's own investigation.

Disney Destinations, which sells cruise and vacation tickets, went a step further in its e-mail to customers by actually warning about the side effects. "As a result of this incident," the company wrote, "it is possible that you may receive spam e-mail messages, e-mails that contain links containing computer viruses or other types of computer malware, or emails that seek to deceive you into providing personal or credit card information."

Although the breach could have been much worse—no social security numbers or credit cards were involved—there are still plenty of risks to those whose data was exposed. The most obvious is that these users now face an increased risk of phishing attacks, which could end up exposing passwords, credit cards, and other personal data if people aren't diligent about protecting themselves from attacks.

Epsilon won't provide an exact list of its clients that were affected by the breach, making it even harder to determine which of Epsilon's 2,500 clients need to step up their anti-phishing efforts. (We asked Epsilon when it plans to release the names of the affected companies, but the company didn't respond to our request for comment by publication time.)

Even if users are lucky enough to avoid increased phishing attacks, they're practically guaranteed to start getting more spam—a relatively benign, but especially infuriating side effect of the breach. And, although a number of Epsilon's clients have reached out to their customer base already, there are still plenty of individuals who have yet to be notified. (As a Chase customer, I only got a generic notice about a privacy policy update over the weekend, and have yet to receive the message sent to others saying not to give out my username or password over e-mail.)

Looks like it's time to brush up on your "explaining phishing attacks to mom and pop" skills.