Posted by: Ken Harthun
Data Leak, Identity Theft, insecure, Privacy, Security, security awareness
Yikes! Indeed, it has happened again but this time the leak was completely preventable. A season ticket sales representative for the New York Yankees inadvertently emailed a spreadsheet to 2,000 of his contacts. The spreadsheet contained account numbers, names, addresses, phone numbers, email addresses, and other information like their seat numbers and which ticket packages they purchased. .
Part of the notification sent to the victims from the Yankees’ office said this:
NO OTHER INFORMATION WAS INCLUDED IN THE DOCUMENT THAT WAS ACCIDENTALLY ATTATCHED (sic) TO THE APRIL 25TH E-MAIL. THE DOCUMENT DID NOT INCLUDE ANY BIRTH DATES, SOCIAL SECURITY NUMBERS, CREDIT CARD DATA, BANKING DATA OR ANY OTHER PERSONAL OR FINANCIAL INFORMATION.
Apparently, the data contained information only on holders of season tickets for the “non-premium” seats that make up the vast majority of Yankee Stadium; those holding tickets for suites and the first few rows in the infield were not listed. So the high rollers and celebrities aren’t in there. That certainly lessens the value of the data somewhat (no big, juicy targets), but It’s a good bet that the victims are going to spammed and phished to death at some point.
This is yet another piece of evidence in support of my continual assertion that there is absolutely no such thing as private information. Once you have given anything to a third party, you might as well have advertised it on lighted freeway billboard.
Your information is not safe and probably never will be.