[ale] OT(ish) Sold or stolen?

[Robert Reese]

Hello Alex,

Wednesday, September 3, 2014, 12:20:09 AM, you wrote:

> On 2014-09-02 20:59, Robert Reese wrote:
>> Hello Alex,

>> Tuesday, September 2, 2014, 8:37:46 PM, you wrote:

>>> I never gave anyone else that particular alias, I don't use it as a
>>> username for my online account access, it's not stored in my phone or on
>>> any address books, and I don't send email from it (receive only alias).

>> I do something similar, and there are three possibilities that I see:
>> 1: AT&T indeed either sold your email address or had some email address data stolen from them.
>> 2: Your own server has been infiltrated.
>> 3: Somewhere between AT&T's email servers and your email servers has been compromised where data is being intercepted. "Pharming" at one time was the phrase, but that's since been absconded.  

>> I suspect #3 is the most likely culprit.  This is one of the reasons people shouldn't send confidential or sensitive information via unencrypted email, even in an attachment.

> I know my server is ok, I check it every day and keep it patched.
> Number 3 would be very interesting since the email never leaves AT&T's
> networks (I have UVerse).  I still suspect it's a case of stolen or sold
> but I have very little control over the contents of the emails that AT&T
> sends to me (part of the reason I use my own server).  I don't have
> statements come by email but I don't have a way to opt out of any other
> communications.


I find it highly unlikely it has been imprisoned on the Death Star's core all this time without some sort of escape attempt.  Are you absolutely sure it has never ventured outside of AT&T's own little world?  Has your email address ever seen a third-party's light of day, maybe moonlighting as official AT&T business?  I must assume AT&T has affiliates or marketing partners.

Cheers,
Robert~