The Yankees have had a bit of a security problem it seems. Not the kind with unruly fans (well, maybe they do but that’s not what I’m talking about) but with their email. Seems the team accidently emailed an internal spreadsheet to “several hundred” season ticket holders. The spreadsheet which was attached to the email included personal information about each ticket holder.
From the letter posted on the Yankees site:
Monday evening, April 25, 2011, an employee of the Yankees sent an e-mail to several hundred Yankees Season Ticket Licensees. The e-mail mistakenly attached an internal Yankees spreadsheet that listed the following information associated with your New York Yankees account:
• Your name, and the address, phone number(s), fax number, and e-mail address that you previously provided to the Yankees
• Your seat numbers, Yankees account number, Yankees account representative name, and the ticket package code associated with your account
The letter went on to say no other personal info such as credit card or banking info was included in the spreadsheet.
Needless to say, any time lists like this get out which tie names to email addresses and street addresses, it’s not a good thing. These kind of lists are prime material for those who wish to engage in what is called spear-phishing or targeted phishing schemes.
Plus, now everyone knows where everybody sits. That can’t be a good thing.