This article, "ATT/CIOT email phishing issue," originally appeared on AccountingWeb.com.
Just received an email to say that ATT/CIOT have investigated themselves and reckon that they weren’t hacked and that, instead, someone scraped our email addresses from their website search function.
Is anyone else a bit sceptical of this?
– I have always ticked to hide my email address, and other details, as I don’t want the general public to contact me. Of course, I can’t now check that it was (as they have pulled the search function) but the email I use for such matters doesn’t receive other spam emails, as any email address that is on a website generally does (as spammers scrape them off the web).
– Someone putting in hundreds of search requests should show up on their site logs.
Personally, I suspect they have been “hacked”/have been negligent with our data and have come up with a bit of a story in order to cover this up. If organisations are going to demand our details, they need to take better care of them, in my humble opinion.