Who has security issues?
I give a custom, tagged email address to every organization that I do business with. This makes it easy for me to sort out various commercial email into separate files, but it also lets me know when and if my email address has been leaked by a company. This doesn't happen very often, but sometimes addresses get leaked. The following is a roster of which companies have data security issues:
- TD Ameritrade (twice)
- LiveJournal (twice)
- Poker Players' Alliance
- Slik Stik
- Full Tilt Poker
- 48 Longstems
- Ultimate Bet
When this happens, my response generally depends upon how reputable I consider the company. If I consider the company to be generally reputable, I will contact them and attempt to work with them on the issue. In cases where I think less of the company, I won't bother. In nearly all cases I attempt to publicize the issue.
TD Ameritrade is the most interesting of these. It happened for the first time on December 12, 2005. At this time I contacted the company to let them know about the problem, and changed the email address that they had on file. The next time it happened was April 2007, contacted the company to report it, and changed my email address with them again. I finally heard from them about it in September 2007. This was eventually well-publicized, but I still have the very first spam that I got to an Ameritrade-tagged email adress.
LiveJournal has leaked my tagged email address twice, both times while it was owned by Six Apart. I didn't do much with that besides change the address.
OpenTable.com leaked my address around mid-July 2008. I wrote about it publicly, and was contacted just a few days later by their customer service manager. We spent a fair bit of time exchanging mail about it, though I never heard a resolution.
Poker Players Alliance
The Poker Players' Alliance leaked my address sometime around late 2007 or very early 2008. To this day they deny that they had any data security issues, even though multiple people have reported receiving spam at addresses given only to the PPA.
Slik Stik seems to basically be a pond scum company.
Full Tilt Poker
Full Tilt Poker has leaked my email address. In January 2009 I received spam at that address from an affiliate of another poker site.
48 Longstems is a floral grower that I've placed several orders with. I started getting spam to that address in January 2009.
I considered signing up with HostGator a while ago, and wound up on their mailing list. I started receiving Viagra spam to that address in early 2010.
Snowbomb does ski bus tours in the San Francisco bay area. I started receiving Viagra spam to that address in early 2010. This was likely due to email provider iContact being hacked.
NowPublic is a user-generated news site that has asked to use some of my photos. I started receiving Viagra spam to that address in early 2010. This was likely due to email provider iContact being hacked.
Ultimate Bet is an online poker site that I did business with some years ago. In August 2010 I started receiving spam to that email address.