[Dataloss] Email correspondences containing PII / sensitive information that may be used to commit identity theft
Steve Hamburg
SteveHamburg at eclipsecurityllc.com
Thu Aug 7 17:46:40 UTC 2008
I apologize if this is a mere repeat of a previous thread, however, I
just received an email notification from Disney Cruise Lines (DCL) that
frustrates me, and reminded me of many other violators out there.
I'm planning a Disney trip for my family (yes, there will be people
staying at, and guarding our residence), and the unprotected
confirmation email received from DCL included the names and birth dates
of all of my family members, as well as where within the cruise ship we
would be residing. This reminded me of many other violators, for
example:
1. How many times have you received an unprotected email after
requesting a new password or creating a new account that contains both
your user ID and password?
2. How many times have you had service providers (e.g., attorneys,
accountants, etc.) send you unprotected emails with attachments
containing extremely sensitive information?
It would be very interesting if a service / notification mechanism were
to exist where these types of risk-prone actions could be reported and
the informant could be rest-assured that disciplinary actions would be
exercised.
Thoughts?
Steve.
--
Steven E. Hamburg, President
Eclipsecurity, LLC
Toll Free: (877) 369-5331 x 302
Office: (847) 850-5088 x 302
www.eclipsecurityllc.com
Lock-in success. Because information travels...
********************
This message and any accompanying attachments are intended
only for the addressees(s) named above, and may contain information
that is privileged or confidential. If you have received
this email in error, please notify the sender and delete this
message and any accompanying attachments immediately
thereafter. To the extent the contents of this message or any
accompanying attachments are original works of authorship, the
right to copy, prepare derivative works, distribute, or display publicly
such work without the permission of Eclipsecurity, LLC, is strictly
prohibited under U.S. Copyright law.
********************
More information about the Dataloss
mailing list