Manual Contains Best Practices, Case Studies and Guidance for Mitigating Financial and Reputational Damage Resulting from a Data Breach

NORWALK, Conn., April 22, 2009 - As incidents of corporate data breaches continue to rise, the rules and regulations requiring compliance for breach notification and response from financial institutions, creditors and many other businesses have strengthened. On May 1, 2009 companies that extend lines of credit to consumers will need to comply with another regulation, the Federal Trade Commission’s Red Flags Rules, which calls for institutions to develop and implement written plans that document how each would prevent, detect and respond to the threat of identity theft.

To help companies adhere with the new law and mitigate the financial and reputational damage from any possible data breach, Affinion Security Center, a leading provider of identity theft protection and breach resolution services, today published the Data Breach Response Guide. The Data Breach Response Guide provides companies with best practices, case studies and guidance for preparing written plans to address the threat of identity theft and data breaches, thereby addressing part of the requirements under the Red Flags Rules. The guide is available for download at www.affinionsecuritycenter.com.

The Affinion Security Center developed the guide based on the company’s extensive experience providing data breach response programs through its BreachShield solution.  BreachShield is a comprehensive data breach response and delivery program capable of providing end to end support services, including list management, drafting of notification letters, printing and mailing - all backed by industry-leading customer service support and multi-channel enrollment options.  BreachShield has recently strengthened its offerings by adding CardCops^SM web monitoring, a leading service that monitors underground online chat rooms for stolen data, as well as Automated Fraud Alerts to its existing credit monitoring configurations. Since 2007, BreachShield’s rapid response solutions have been offered to more than five million consumers by companies that have suffered a breach.

“The Data Breach Response Guide contains valuable information on how to respond to a breach, alert customers, choose resolution services and defend a company financially and from reputational damage due to the devastating effects of data loss,” said Tim Lukens, Senior Vice President of Corporate Solutions at Affinion Security Center.  “The guide comes to market at a critical time, as law enforcement develops stricter laws for companies that handle consumer data and harsher penalties for corporations that mismanage data breaches.”

Although data breaches are increasingly common, many companies fail to prepare for an incident and as a result often do not meet consumers’ needs following a data breach. In 2008, the number of breaches reported grew 47% over 2007, according to the Identity Theft Resource Center, and is expected to grow in 2009 absent an increasing focus by companies on data protection.  Consumers are likely to sever relationships with banks, healthcare companies and large retailers that they regularly do business with because of a data breach, according to a study by the Ponemon Institute conducted in February 2009. The study found that more than 68 percent of the $6.65 million average cost of a data breach, results from lost business, including customer termination.

The Data Breach Response Guide aims to help companies create an Incident Response Plan before the occurrence of a breach, so that companies can take action more quickly and protect its business relationships after an incident. Rapid response remains one of the most crucial factors to controlling the financial repercussions of a data breach and influencing customer perceptions of how safely a company is handling their financial data.

About BreachShield
In 2007, Affinion Security Center launched BreachShield, a full service, rapid response data security breach response and delivery program. National and multi-national enterprises, including those in the financial, retail and travel industries, partnered with BreachShield data breach solutions. Since 2007, BreachShield services have been offered to over five million individuals whose identities have been compromised by a data breach. For more information, please visit www.breachshield.com. For help responding to an incident, please call our 24/7 Hotline at 1-800-350-7209.

About Affinion Security Center
Affinion Security Center, a division of Norwalk, Connecticut-based Affinion Group, is a global leader in providing identity protection and data security solutions to corporations and individuals. For over 35 years Affinion Security Center has been powering many of the world’s leading personal data protection and breach resolution solutions offered by local, national and multi-national enterprises in the financial, retail and travel industries. The company currently protects over 7 million subscribers with services including IdentitySecure, PrivacyGuard, PC SafetyPlus and Hotline, and serves enterprise and government agencies with the data breach preparation and response tool, BreachShield. Affinion Security Center is part of the steering committee of the Identity Theft Prevention and Identity Management Standards Panel (IDSP) and is a member of the Staples Security Council. For more information please visit www.affinionsecuritycenter.com.

About Affinion Group
As a global leader with nearly 35 years of experience, Affinion Group (www.affinion.com) enhances the value of its partners' customer relationships by developing and marketing valuable loyalty, membership, checking account, insurance and other compelling products and services. Leveraging its expertise in product development and targeted marketing, Affinion helps generate significant incremental revenue for more than 5,300 affinity partners worldwide, including many of the largest and most respected companies in financial services, retail, travel, and Internet commerce. Based in Norwalk, Conn., the company has approximately 3,300 employees throughout the United States and in 10 countries across Europe, and markets in 14 countries globally. Affinion holds the prestigious ISO 27001 certification for the highest information security practices, is PCI compliant and Cybertrust certified. For more company and investor information visit www.affinion.com.

Safe Harbor Statement
"Safe Harbor" Statement under the U.S. Private Securities Litigation Reform Act of 1995: Statements in this press release regarding Affinion Group's business which are not historical facts are "forward-looking statements" that involve risks and uncertainties. For a discussion of such risks and uncertainties, which could cause actual results to differ from those contained in the forward-looking statements, see "Risk Factors" in the Company's Annual Report on Form 10-K for the most recently ended fiscal year and other periodic reports filed with the Securities and Exchange Commission from time to time.