anyaristow writes "Since the mid nineties I've used a unique email address for everyone I do business with and for every service or site I sign up with, so that if someone leaks my email address to spammers I know who did the leaking. Until this year I'd only had a few of these addresses compromised (including a national flower seller and a major music gear maker). This year I'm getting about one every other month, including a telecommunications giant and one of the three credit reporting agencies. There are no mailboxes or accounts associated with these email addresses; I receive all email to the domain. These addresses exist only as text I typed into a web form, and as header fields in received email. I'd consider a man-in-the-middle or someone gaining access to my mailbox as possible culprits except I haven't had communication with that credit agency in years, and I just yesterday started receiving spam to that address. That, and only a few of these addresses are compromised. Is anyone else seeing this, and can anyone think of a reason other other than lax security or the use of third-party email campaigns?"