"Roland Perry" wrote in message
...
In message , at 19:56:50
on Sun, 2 Dec 2007, Bob Eager remarked:
Rubbish, all the data on them is public information. It's a bit sad that
they've lost a whole lot of it, but nothing important for a general
"identity theft" scenario. The actual (and not much mentioned) threat is
that anyone with children is on the database, including some famous
people who try quite hard to disguise their addresses.

Actually, a major impact (not much mentioned) is the use of the FACT of
this loss as a lever inside phishing emails.

What kind of phishing email would that be? No-one should expect to respond
to one purporting to come from their bank, if it was asking for any
additional information.

The data that was lost didn't include email addresses (as far as I'm
aware) so it would have to be a specific phishing attack to all
[apparently] uk-based email addresses already in the phisher's databases.

Doesn't need to. Just phrase the phishing mail something like "Your details
need reconfirming due to the loss of these discs. Please enter your password
at here", and send it to the standard list of spamming addresses.

'course people should know that these mails are always lies, but there's a
proportion who believe them :-( Witness the regular letters in the money
columns saying "XXX is trying to sell me these shares/timeshare/lottery
ticket. Is it real?" - there are plenty of people out there who don't think
hard enough about these things.

cheers,
clive