[repost]
Nicola Mawson reports:
Around 39 000 South Africans who signed up on the Direct Marketing Association of SA’s (DMASA’s) “do not contact” database are at risk of identity theft, because the list has been leaked to companies that aren’t DMA members.
The database contains sensitive information such as contact details, addresses and identity numbers. It is circulated every month via e-mail to the association’s 389 members. The members then cross-reference their direct marketing mail shots against it to make sure they don’t contact anyone whose name is on the database.
Read more on ITWeb. DMASA is denying that they are responsible for the breach, but it seems pretty clear that someone who had access to the list has leaked it.