And This is Why You Should be Careful on the Internet

Today, I placed an online order and shortly after placing the order, I got 3 emails. The first email was from the website that I placed the order on and was the invoice for the order. The second email was from PayPal with the receipt for my order. The third email was a bit odd, it was an out of office reply from an individual.

I was confused on why I got an OOO reply from someone I` don't know. So, I looked up the domain from the origin email and as it turns out, it is a parent company who owns the brand of the website where I placed my online order.

So, you maybe saying, big deal Kevin. Let me tell you why it bothers me. Clearly, when I placed the order, an email was generated with my email address as the sender and sent to someone's business email account. And it just so happens that the person who received the email was OOO and I got their OOO reply. Now, I don't think it's to big of an assumption that the email contained my order information, which may include my PII data, i.e., address, email, and phone number.

Therefore, it's conceivable, that my PII data is now sitting in the Inbox of someone at a company who I just did business with. I obviously don't know the contents of the email, but it has me curious to the point where I've reached out to the company to find out. Storing PII in email is a really poor practice (and maybe illegal if not encrypted) and if I'm right, I will not be doing business with this company any longer.

So, the moral of the story is? You have absolutely no idea of the digital footprint you create when you use the Internet and you should be very weary of who you do business with and what information you give out as you have no control on where the data it will land.