The hack includes customer names, emails, birthdates and encrypted passwords.
I’d like to read a post mortum on this. Knowing names and emails will allow for more precise phishing attacks against those 50 million customers. Hopefully people know to lie about their birthday and if this attack was caught fast enough the bad guys might not have had time to decrypt the encrypted passwords to exploit the accounts.
One positive note in a not-so-positive situation: The email sent to employees and customers noted that neither customer credit card nor merchant financial information was accessed in the cyber attack.