Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - Ask Slashdot: Telling vendor email was compromised 2

John Jorsett writes: I create for myself a unique email address for every vendor with which I do business, and that address isn't kept in my address book. When a spammer sends something to that address, I know that the vendor's email address database has been compromised. Trouble is, when I notify the vendor that their customer's email addresses are leaking and that they should check their security, I get no response and, as far as I can tell, no action is ever taken. I just change to a different email address, so should I even be bothering with notification, and if so, what's the best way to inform a vendor that their security needs attention?
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Ask Slashdot: Telling vendor email was compromised

Comments Filter:
  • Could mean a compromise but more likely they sold the data. Many times hidden in the privacy policy companies say they sometimes will "share" the data with partners, etc.
    • Unlikely that any of them sold it, at least formally. The spam I get is so crude (typically one or two lines, ungrammatical, misspelled, sometimes just a link by itself) that whatever is originating it can't have paid the price for a confirmed email address of a business customer and then wasted it on something so obviously spam. While it might be a rogue employee at every one of these businesses, I think it's more probable that it was obtained thru an easy hack on the business' web site.

But it does move! -- Galileo Galilei