nanog mailing list archives
Re: PSA: change your fedex.com account logins
From: Rich Kulawiec <rsk () gsp org>
Date: Fri, 31 May 2019 10:18:05 -0400
On Fri, May 31, 2019 at 01:17:19PM +0000, Richard wrote:
When I have looked into this type of issue for my unique addressing some did trace back to back-end db hacks (e.g., adobe), but I found that the most likely culprit was the 3rd-party bulk mailer that handled the organization's marketing mail. It could be a non-zeroed disk thrown into the trash or an inside job, but it almost always traced back to one or two bulk mailing companies.
FYI, I've been running numerous experiments in this area for many years using unique non-guessable non-typo'able addresses. Explaining the results in full would take many pages, so let me summarize: 3rd party bulk mailers leak like sieves. "How?" remains an open question: could be that they're selling, could be that they have security issues, could be that insiders are selling on their own, could be any number of things: it's really not possible to say. But they are unquestionably leaking. This is hardly surprising: many of them are spammers-for-hire, many of them use invasive tracking/spyware, and none of them actually care in the slightest about privacy or security -- after all, it's not *their* data, why should they? Which are some of the many reasons that outsourcing your mailing lists is a terrible idea, doubly so when it's quite easy to run your own with Mailman (or equivalent). ---rsk
Current thread:
- PSA: change your fedex.com account logins Dan Hollis (May 30)
- Re: PSA: change your fedex.com account logins Matt Hoppes (May 30)
- Re: PSA: change your fedex.com account logins Dan Hollis (May 30)
- Re: PSA: change your fedex.com account logins Scott Christopher (May 30)
- Re: PSA: change your fedex.com account logins Mike Hale (May 30)
- Re: PSA: change your fedex.com account logins Jason Kuehl (May 31)
- Re: PSA: change your fedex.com account logins Richard (May 31)
- Re: PSA: change your fedex.com account logins Steve Atkins (May 31)
- Re: PSA: change your fedex.com account logins Rich Kulawiec (May 31)
- Re: PSA: change your fedex.com account logins Niels Bakker (May 31)
- Re: PSA: change your fedex.com account logins Dan Hollis (May 30)
- Re: PSA: change your fedex.com account logins Dan Hollis (May 31)
- Re: PSA: change your fedex.com account logins Matt Hoppes (May 30)