Egghead Customer? Your Data Goes To Fry's

An anonymous reader says: "I bought some things from onsale.com, which then became egghead.com. Somewhere in that time, their credit card database got jacked, for which they sent me a nice e-mail saying everything was ok. Now I've got a mail that I don't like at all, with the subject 'IMPORTANT MESSAGE REGARDING THE TRANSFER OF YOUR CUSTOMER INFORMATION.' Well. that's pretty much it. egghead.com info will go to Fry's Electronics, unless the customer explicitly requests that it not. How often does it happen that when a company goes under that they just sell their customer info and just not tell anyone?" Here are links to the Egghead info page and privacy and security policy.

Keeping Them Out of Your Face

[Greyfox]

While you can't do much to keep companies from selling your information, you can do a fair bit to keep them out of your face. For junk snail-mailers, there are several organizations that will get your name removed from the lists (Or added to a do-not-send list) and promise to dramatically reduce if not completely eliminate the amount of junk mail you get.

For telemarketers, finding out their company, the company they represent and the first and last name of the person you're talking to before you ask them to add you to their do-not-call list is the way to go. Log that information and sue them if they ever call you again.

For spammers your choices are more limited, especially if you don't run your own mail server. It is next to impossible to not download spam, although you can process it in such a way that you never see it. There are two solutions I like the most. The first is to keep a whitelist of people who are allowed to send you E-Mail. You can store the E-mail of anyone who has sent you mail and isn't on the list and require them to reply to a message to get added to the white list. Purge any such stored messages after a week or so. The other alternative is to reject any E-mail that's not encrypted to your obnoxiously long encryption key. A 4096 bit key takes about 30 seconds to encrypt to for a 1 page message on a P166. No spammer's going to take the time (Nor would they be capable of taking the time, if everyone did this.)

For internet banner ads and more obnoxious features of the web, I've found that disabling popups and animations in Mozilla makes things a lot less annoying. YMMV depending on your web browser.

And of course, if you know a company is likely to sell your information without your permission, don't do business with them and tell them why.

We're already constantly on the verge of information overload (or well past the verge) without some company you never heard of buying your info and jamming more advertising down your throat. Pursuing your privacy like a rabid pit-bull is the only way to avoid having this happen.

Enough opt-outs, and Fry's drops the deal!

[retrogmr]

Fry's Electronics has made it a clause of the purchase that no more than 10% of Egghead.com's customers opt-out of the mailing list.

Check this article about it on CNet:
http://news.cnet.com/news/0-1007-200-6962164.htm l

Re:I got this email also

[eap]

There are 16 digits in your average Mastercard. (More in Amex, less in Visa). With 16 digits, there are 1,000,000,000,000,000 possible different numbers (give or take an order of magnitude). There are 100,000,000 people in the USA (again, give or take an order of magnitude). What are the odds that a randomly generated number is a real one?

You have apparently never purchased anything over the phone. In addition to the credit card number, you must also supply an expiration date and at least a billing address zip code (sometimes street address).

Let's see:

(1^15 credit card numbers) * (1^5 zip codes) * (roughly 48 expiration dates over a 4 year card life) = NO CHANCE IN HELL OF GUESSING IT RANDOMLY

CC# are not very random at all

[Mad+Marlin]

Credit card numbers are not as random as you might think. A good overview can be found at this site.