[RndTbl] Manitoba Hydro email database hacked (or sold)

Trevor Cordes trevor at tecnopolis.ca
Sun Apr 26 00:13:25 CDT 2015

On 2015-04-25 Bradford C. Vokey wrote:
> Trevor Cordes (and myself) use vendor specific email addresses when
> we sign up for services (it's easy when you control your own domain).

Yes, it's shocking the number of big companies that leak my email:


there's dozens, at least.

Also, I've found those little paper-based "enter to win" boxes at local
food joints / stores are all just big lying spam traps.  I think they
are just phishing scams but in the physical world.  Sometimes when I
have nothing better to do I'll enter those (with a unique email
address) and within months I get hundreds of spams to that address, and
AFAIK no one ever wins everything.  I guess I fell for a "brick &
mortar" scam; were it a cyber scam I'd never fall for it.  Luckily I can
just /dev/null that one-off address. "Woodlands" is the worst: they
claim to give away a nice looking oil painting each month. All they
give away is spam. Since this is in the "real world" and in Canada, why
aren't the cops on their case?  I mean, someone has to pick up the
little boxes!  Someone has to get consent from the retail establishment.

> So how (and when) did Manitoba Hydro get their email accounts list
> hacked?
> If so, what else got hacked? Our per-authorized Debit information?!?

Ha, ya.  One would hope they'd be in separate DBs!

> If not, then did they actually sell their email accounts lists to
> spam lists?

That I *seriously* doubt.  They'd get in big doodoo for that.  Now, did
a single employee steal the list and sell it?  Maybe... More likely
they were compromised somehow.

> ...P.S. If anyone wants to meet some desperate Russian chick feel
> free to believe in the spam...

Doh!  By including the spam in your posting you a) got your email put in
my possible-spam-(low) folder, and b) present me with the dilemma of
whether to mark the entire email as spam or not-spam :-)  I know Bayes
will most likely "do the right thing" but I can't see anything good
about giving "Russian chick" a less-spammy Bayesian weighting.  Hmm, I
guess I will have to mark it as not-spam, as I don't yet have a maildir
folder called: "keep these emails, they look spammy but are not, so
don't train on them".  That seems just one step too far down the road
to insanity.


More information about the Roundtable mailing list