BreachExchange mailing list archives
Email correspondences containing PII / sensitive information that may be used to commit identity theft
From: "Steve Hamburg" <SteveHamburg () eclipsecurityllc com>
Date: Thu, 7 Aug 2008 12:46:40 -0500
I apologize if this is a mere repeat of a previous thread, however, I just received an email notification from Disney Cruise Lines (DCL) that frustrates me, and reminded me of many other violators out there. I'm planning a Disney trip for my family (yes, there will be people staying at, and guarding our residence), and the unprotected confirmation email received from DCL included the names and birth dates of all of my family members, as well as where within the cruise ship we would be residing. This reminded me of many other violators, for example: 1. How many times have you received an unprotected email after requesting a new password or creating a new account that contains both your user ID and password? 2. How many times have you had service providers (e.g., attorneys, accountants, etc.) send you unprotected emails with attachments containing extremely sensitive information? It would be very interesting if a service / notification mechanism were to exist where these types of risk-prone actions could be reported and the informant could be rest-assured that disciplinary actions would be exercised. Thoughts? Steve. -- Steven E. Hamburg, President Eclipsecurity, LLC Toll Free: (877) 369-5331 x 302 Office: (847) 850-5088 x 302 www.eclipsecurityllc.com Lock-in success. Because information travels... ******************** This message and any accompanying attachments are intended only for the addressees(s) named above, and may contain information that is privileged or confidential. If you have received this email in error, please notify the sender and delete this message and any accompanying attachments immediately thereafter. To the extent the contents of this message or any accompanying attachments are original works of authorship, the right to copy, prepare derivative works, distribute, or display publicly such work without the permission of Eclipsecurity, LLC, is strictly prohibited under U.S. Copyright law. ******************** _______________________________________________ Dataloss Mailing List (dataloss () attrition org) http://attrition.org/dataloss Tenable Network Security offers data leakage and compliance monitoring solutions for large and small networks. Scan your network and monitor your traffic to find the data needing protection before it leaks out! http://www.tenablesecurity.com/products/compliance.shtml
Current thread:
- US DOJ announces largest prosecution for ID theft yet. TS Glassey (Aug 05)
- Email correspondences containing PII / sensitive information that may be used to commit identity theft Steve Hamburg (Aug 08)