PSA: change your account logins

Richard lists-nanog at
Fri May 31 13:17:19 UTC 2019

> Date: Friday, May 31, 2019 08:04:13 -0400
> From: Jason Kuehl <jason.w.kuehl at
> Is it possible, yes. I've seen it several times now at my place of
> work. Targeted attacks are a thing.
>> > 
>> > Dan Hollis wrote:
>> > 
>> > Phishing scheme didn't happen.
>> > 
>> > fedex has had a number of major compromises so it's not a
>> > stretch that their user database was stolen and sold to spammers.
>> > 

When I have looked into this type of issue for my unique addressing
some did trace back to back-end db hacks (e.g., adobe), but I found
that the most likely culprit was the 3rd-party bulk mailer that
handled the organization's marketing mail. It could be a non-zeroed
disk thrown into the trash or an inside job, but it almost always
traced back to one or two bulk mailing companies. 

More information about the NANOG mailing list