securitymarketeers are abusing the easypay and mensura database ... phishers may follow

Do not 

* click on links that are send in mails about your data in the easypay and mensura database (especially if you are not in the public database of 1100 out of the 32.000) 

* think twice before you are responding to these emails - it is a very lousy marketingpractice that doesn't show a clear sense of ethics.  Or they are desperate (and any securityfirm that is desperate nowadays is doing something terrible wrong because it is a booming business) or they are just moneygrabbers out for an opportunity 

* I am not sure of the it but I think the use of stolen data - even published - for marketingpurposes may be something the privacycommission doesn't like (because the purpose is to get that data OFF the internet and not in as many databases and emaillists as possible .....) 

I hope that everybody keeps their calm and do the things that you know you should be doing (and that doesn't cost any money like changing passwords) and go to real professionals with clear business and professional ethics for solutions for problems that you seem to have discovered now (double authentification being one of them, centralised logging another, WAF and securitychecks another and encryption and so on) 

if you receive such an email where you can also file an complaint about the way things are going 

you have also the right to file a complaint - if you are a bigger customer - at the local court (maybe some of the bigger ones should do this - to send a clear message to all their other outsourced serviceproviders that they better take datasecurity seriously)

there is already enough evidence on this blog of all the reasons why the the best principles weren't followed before, during and after the incident

I filed a complaint against mensura for these reasons with the privacycommission. 

The comments are closed.