Since being caught out by a breach a few years back and having had to change every single password, I have learnt to use my iPhone for strong suggested random passwords. As I own a domain that I no longer use, other than for email, I have got in the habit of tailoring addresses I give for each different company I use.

Had some rather dodgy emails this week which revealed the source as having been Breitling as that is the word I added to the lead end of the email address. I know this has only been given to the Breitling store which I believe is owned by Goldsmiths.

Interesting that I have not heard about any data breach, so I guess they have sold this data on, despite me specifically requesting they don’t!

I won’t be giving them any further info of mine.

 

If the emails were from otherwise legitimate entities then it was probably sold. Hard to say whether it's Breitling themselves or Goldsmiths who did, but my money's on the latter. Still, not uncommon practice unfortunately.

 

If it really is a data breach, it's also possible they haven't discovered the breach yet. I've read stories about breaches that went on for months before they were finally discovered, usually because it's a small-ish business without much of an IT department.

 

I agree, this is likely to be Goldsmiths in fairness. Not a small company either.