January 10th, 2009

I'm fascinated and horrified by this

It's much like watching a trainwreck, only more chipper and more painful. I sent it to someone at work today with the description, "Andrew Lloyd Webber details his songwriting process." I think they should have named it Earworm or Jingle, though.

Full Tilt Poker Data Leak

Shortly after Full Tilt Poker launched, I signed up for an account with them. For reasons that aren't relevant to this, I asked them to close my account a few hours later and haven't done business with them since. As I do when dealing with any business, I gave them a unique email address at my domain. That address has only been given to Full Tilt.

This morning I received spam from an affiliate of a company called JBET Poker. I've never heard of them, but my mail filters filed the mail as something other than spam so I investigated further. The spam was sent to an address that I gave only to Full Tilt Poker.

It seems that Full Tilt has had some sort of security breach, sold their database, or has otherwise allowed their data to get into a spammer's hands. As they have had that address for years, I can draw no conclusions about when the leak happened, and I certainly don't know how it happened.

I monitor my domain on a daily basis for dictionary attacks and other nefarious spammer tricks, so I am highly confident this wasn't just a randomly-guessed address.