[RndTbl] Manitoba Hydro email database hacked (or sold)

Sun Apr 26 00:13:25 CDT 2015

On 2015-04-25 Bradford C. Vokey wrote:
> Trevor Cordes (and myself) use vendor specific email addresses when
> we sign up for services (it's easy when you control your own domain).

Yes, it's shocking the number of big companies that leak my email:

xerox
primus
hydro
viewsonic
seagate
...

there's dozens, at least.

Also, I've found those little paper-based "enter to win" boxes at local
food joints / stores are all just big lying spam traps.  I think they
are just phishing scams but in the physical world.  Sometimes when I
have nothing better to do I'll enter those (with a unique email
address) and within months I get hundreds of spams to that address, and
AFAIK no one ever wins everything.  I guess I fell for a "brick &
mortar" scam; were it a cyber scam I'd never fall for it.  Luckily I can
just /dev/null that one-off address. "Woodlands" is the worst: they
claim to give away a nice looking oil painting each month. All they
give away is spam. Since this is in the "real world" and in Canada, why
aren't the cops on their case?  I mean, someone has to pick up the
little boxes!  Someone has to get consent from the retail establishment.

> So how (and when) did Manitoba Hydro get their email accounts list
> hacked?
> 
> If so, what else got hacked? Our per-authorized Debit information?!?

Ha, ya.  One would hope they'd be in separate DBs!

> If not, then did they actually sell their email accounts lists to
> spam lists?

That I *seriously* doubt.  They'd get in big doodoo for that.  Now, did
a single employee steal the list and sell it?  Maybe... More likely
they were compromised somehow.

> ...P.S. If anyone wants to meet some desperate Russian chick feel
> free to believe in the spam...

Doh!  By including the spam in your posting you a) got your email put in
my possible-spam-(low) folder, and b) present me with the dilemma of
whether to mark the entire email as spam or not-spam :-)  I know Bayes
will most likely "do the right thing" but I can't see anything good
about giving "Russian chick" a less-spammy Bayesian weighting.  Hmm, I
guess I will have to mark it as not-spam, as I don't yet have a maildir
folder called: "keep these emails, they look spammy but are not, so
don't train on them".  That seems just one step too far down the road
to insanity.

;-)