The Stripe situation is frustrating: by mandating an email address on all invoices, we're providing a channel that sends customer queries directly through to us rather than via our support portal, which already has the answers many people are raising tickets for. It's frustrating because it slows our customers down (they need to wait for us to respond), and it's also frustrating because we have to respond (and we're swamped as it is). I go into more detail in the video but at this stage, it looks like the only way out is to create a do_not_email@ alias, which people will inevitably email anyway, and then auto-respond to that with a link to the support portal. C'mon Stripe, fix this thing!
References
- 1Password Extended Access Management: Secure every sign-in for every app on every device.
- The Omnicuris breach went into HIBP (they have the data, but nothing in terms of disclosure)
- The MaReads breach also went in (same story - they have the data and radio silence)
- If you've got a Chromebook and are handy with debugging websites, help! (I still don't know what's causing this)
- Aura identity protection is the latest partner to join HIBP (they'll be seen by visitors from the US)