Please create an account to participate in the Slashdot moderation system


Forgot your password?
Slashdot Deals: Cyber Monday Sale Extended! Courses ranging from coding to project management - all eLearning deals 20% off with coupon code "CYBERMONDAY20". ×

Submission + - Ask Slashdot: Telling vendor email was compromised 2

John Jorsett writes: I create for myself a unique email address for every vendor with which I do business, and that address isn't kept in my address book. When a spammer sends something to that address, I know that the vendor's email address database has been compromised. Trouble is, when I notify the vendor that their customer's email addresses are leaking and that they should check their security, I get no response and, as far as I can tell, no action is ever taken. I just change to a different email address, so should I even be bothering with notification, and if so, what's the best way to inform a vendor that their security needs attention?
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Ask Slashdot: Telling vendor email was compromised

Comments Filter:
  • Could mean a compromise but more likely they sold the data. Many times hidden in the privacy policy companies say they sometimes will "share" the data with partners, etc.
    • Unlikely that any of them sold it, at least formally. The spam I get is so crude (typically one or two lines, ungrammatical, misspelled, sometimes just a link by itself) that whatever is originating it can't have paid the price for a confirmed email address of a business customer and then wasted it on something so obviously spam. While it might be a rogue employee at every one of these businesses, I think it's more probable that it was obtained thru an easy hack on the business' web site.

Artificial intelligence has the same relation to intelligence as artificial flowers have to flowers. -- David Parnas