Good Will
So what price will these companies put on their loss of goodwill as a result of this...
FBI agents looking into the theft of customer data belonging to McDonald's are investigating similar breaches that may have hit more than 100 other companies that used email marketing services from Atlanta-based Silverpop Systems . “The breach is with Silverpop, an email service provider that has over 105 customers,” Stephen …
legal spam and illegal spam. MARKETING, well that makes it ok then.
Yep sympathy for the recipients/yet to be recipients, even a smidgin of sympathy for DeviantART and it's ilk, non for the spammers. Obviously applied government guidelines for data security rigorously, what more does anyone expect.
It's all bullshit, just slightly different flavors. How competent are they if they can not cobble together a canned "apologize for inconvenience, valued customers, thorough investigation" spiel to lob at the press and other inquiries? There's hardly a dearth of such copy/ paste-able twaddle provided by politicians, Wall Street, et cetera. Yeesh.
I'm trying to understand the editorial point. Putting eggs in one basket is bad? Should we just put our details into as many disparate company systems as possible, because that's more... secure? less secure?
Or is it that we should just not trust our trading partners? Do these include Worldpay, Paypal, etc?
I admit, I'm lost.
So, if the company that gave the information to the e-mail service is equally responsible for the data breach, what about the individual that gave the data to the company?
Or in Walgreen's case: the individual who gave the data to the company that gave the data to the marketing firm that gave the data to the email service <inhale /> in the house that John built.
they don't want the fastfood chain, the grocer or the candlestick-maker...
...the fastfood chain is probably just the single biggest list the email service provider handles.
A McFlunky used the cloud-based ESP platform to spam the fresh-meat lists the ESP holds from behind the ESP's white-listed IP. ++deliverability
Other ESP's have also been hit by this (US & UK as far as I know - darkreading has something on it) - and it is looking like it could be a quite an issue.
If i had pwnd an ESP wouldn't be sending unexpected burger email or comedy 419s. you'd spear the ESP clients and customers who might give-up acess to their networks or their users credentials, postal address, bank accounts, usual profit motives etc etc.
It's funny, but not so funny everyone decided not to talk about it... anywhere - in reality it is potentially one of the most troubling breaches in ages - it trickles down through layers (I found out today about 3 ESPs hit by attacks with 1/3 success).