Your ESP is a hacker target — should you worry?Recently two well-known email service providers (ESPs) announced their clients suffered list theft. Spammers mailed to those stolen lists, which is how the ESPs discovered the breach. How concerned should you be about the security of your lists and other data living in the cloud at your ESP? Here’s a breakdown of the risks:
Spammers steal your lists
If spammers rip off your lists wholesale and mail to them, your subscribers will see an uptick in spam at their address. It’s unlikely your subscribers will notice the increase, since their spam filters will block it as usual.
Email addresses flow unencrypted with email traffic through all ISPs’ operations centers, and it’s a lot easier for a criminal to collect addresses via an inside man at an ISP than hack into your ESP. You can’t stop this exposure of email addresses, and be aware that all email is essentially in full view and shouldn’t include any information that’s sensitive to you or your subscriber.
Subscribers think you’ve sold their addresses
Some subscribers sign up to your list with a single-use address, that way they know you’ve given it away if they start receiving spam at that address. If they’re not aware of the ESP breach and instead blame you for the spam, they’re likely to click “Report Spam” on your mailings and drive down your email sender reputation, at least temporarily.
Not many subscribers bother with single-use email addresses, so while you’re going to see a spike in complaints if your list is stolen, it’s probably not going to hurt your delivery to other subscribers.
Lists are trashed
Intruders at your ESP might damage or delete your lists, costing you lost time and revenue. Keep a backup of your lists at your site. Use an ESP that makes it easy for an automated process to keep your local copy up to date.
