Manual Contains Best Practices, Case Studies and Guidance for Mitigating Financial and Reputational Damage Resulting from a Data Breach

NORWALK, Conn., April 22, 2009 - As incidents of corporate data breaches continue to rise, the rules and regulations requiring compliance for breach notification and response from financial institutions, creditors and many other businesses have strengthened. On May 1, 2009 companies that extend lines of credit to consumers will need to comply with another regulation, the Federal Trade Commission’s Red Flags Rules, which calls for institutions to develop and implement written plans that document how each would prevent, detect and respond to the threat of identity theft.

To help companies adhere with the new law and mitigate the financial and reputational damage from any possible data breach, Affinion Security Center, a leading provider of identity theft protection and breach resolution services, today published the Data Breach Response Guide. The Data Breach Response Guide provides companies with best practices, case studies and guidance for preparing written plans to address the threat of identity theft and data breaches, thereby addressing part of the requirements under the Red Flags Rules. The guide is available for download at www.affinionsecuritycenter.com.

The Affinion Security Center developed the guide based on the company’s extensive experience providing data breach response programs through its BreachShield solution.  BreachShield is a comprehensive data breach response and delivery program capable of providing end to end support services, including list management, drafting of notification letters, printing and mailing - all backed by industry-leading customer service support and multi-channel enrollment options.  BreachShield has recently strengthened its offerings by adding CardCops^SM web monitoring, a leading service that monitors underground online chat rooms for stolen data, as well as Automated Fraud Alerts to its existing credit monitoring configurations. Since 2007, BreachShield’s rapid response solutions have been offered to more than five million consumers by companies that have suffered a breach.

“The Data Breach Response Guide contains valuable information on how to respond to a breach, alert customers, choose resolution services and defend a company financially and from reputational damage due to the devastating effects of data loss,” said Tim Lukens, Senior Vice President of Corporate Solutions at Affinion Security Center.  “The guide comes to market at a critical time, as law enforcement develops stricter laws for companies that handle consumer data and harsher penalties for corporations that mismanage data breaches.”

Although data breaches are increasingly common, many companies fail to prepare for an incident and as a result often do not meet consumers’ needs following a data breach. In 2008, the number of breaches reported grew 47% over 2007, according to the Identity Theft Resource Center, and is expected to grow in 2009 absent an increasing focus by companies on data protection.  Consumers are likely to sever relationships with banks, healthcare companies and large retailers that they regularly do business with because of a data breach, according to a study by the Ponemon Institute conducted in February 2009. The study found that more than 68 percent of the $6.65 million average cost of a data breach, results from lost business, including customer termination.

The Data Breach Response Guide aims to help companies create an Incident Response Plan before the occurrence of a breach, so that companies can take action more quickly and protect its business relationships after an incident. Rapid response remains one of the most crucial factors to controlling the financial repercussions of a data breach and influencing customer perceptions of how safely a company is handling their financial data.

About BreachShield
In 2007, Affinion Security Center launched BreachShield, a full service, rapid response data security breach response and delivery program. National and multi-national enterprises, including those in the financial, retail and travel industries, partnered with BreachShield data breach solutions. Since 2007, BreachShield services have been offered to over five million individuals whose identities have been compromised by a data breach. For more information, please visit www.breachshield.com. For help responding to an incident, please call our 24/7 Hotline at 1-800-350-7209.

About Affinion Security Center
Affinion Security Center, a division of Norwalk, Connecticut-based Affinion Group, is a global leader in providing identity protection and data security solutions to corporations and individuals. For over 35 years Affinion Security Center has been powering many of the world’s leading personal data protection and breach resolution solutions offered by local, national and multi-national enterprises in the financial, retail and travel industries. The company currently protects over 7 million subscribers with services including IdentitySecure, PrivacyGuard, PC SafetyPlus and Hotline, and serves enterprise and government agencies with the data breach preparation and response tool, BreachShield. Affinion Security Center is part of the steering committee of the Identity Theft Prevention and Identity Management Standards Panel (IDSP) and is a member of the Staples Security Council. For more information please visit www.affinionsecuritycenter.com.

About Affinion Group
As a global leader with almost 40 years of experience, Affinion Group (www.affinion.com) enhances the value of its partners' customer relationships by developing and marketing loyalty solutions. Leveraging its expertise in customer engagement, product development and targeted marketing, Affinion provides programs in subscription-based lifestyle services, personal protection, insurance and other areas to help generate increased customer loyalty and significant incremental revenue for more than 5,550 marketing partners worldwide, including many of the largest and most respected companies in financial services, retail, travel, and Internet commerce. Based in Stamford, Conn., the company has approximately 4,250 employees and markets in 17 countries globally. Affinion holds the prestigious ISO 27001 certification for the highest information security practices, is PCI compliant and Cybertrust certified.

Safe Harbor Statement Under the U.S. Private Securities Litigation Reform Act of 1995
This press release may contain statements that are forward looking, as that term is defined by the Private Securities Litigation Reform Act of 1995 or by the Securities and Exchange Commission in its rules, regulations and releases. These statements include, but are not limited to, discussions regarding industry outlook, Affinion's expectations regarding the performance of its business, its liquidity and capital resources, its guidance for 2011, the consummation of the acquisition of Prospectiv and the impact to Affinion's business and the other non-historical statements in the discussion and analysis. These statements can be identified by the use of words such as "believes," "anticipates," "expects," "intends," "plans," "continues," "estimates," "predicts," "projects," "forecasts," and similar expressions. All forward-looking statements are based on management's current expectations and beliefs only as of the date of this press release and are subject to risks, uncertainties and assumptions that could cause actual results to differ materially from those discussed in, or implied by, the forward-looking statements. Factors that could cause actual results to differ materially include, but are not limited to, risks related to general economic and business conditions and international and geopolitical events, a downturn in the credit card industry or changes in the techniques of credit card issuers, industry trends, foreign currency exchange rates, the effects of a decline in travel on the Company's travel fulfillment business, termination or expiration of one or more agreements with its marketing partners or a reduction of the marketing of its services by one or more of its marketing partners, the Company's substantial leverage, restrictions contained in its debt agreements, its inability to compete effectively, and other risks identified and discussed from time to time in Affinion's reports filed with the SEC, including Affinion's most recent Annual Report on Form 10-K and Quarterly Report on Form 10-Q. Readers are strongly encouraged to review carefully the full cautionary statements described in these reports. Except as required by law, the Company undertakes no obligation to revise or update publicly any forward-looking statements to reflect events or circumstances after the date of this press release, or to reflect the occurrence of unanticipated events or circumstances.