Peplink account email addresses: have they escaped?

The email address I use for my Peplink account is something I made just for use with Peplink. It’s a nonsensical combination of letters and numbers, created by a privacy-enhancing service provider that I use. That company is called Abine.

The other day I got a single scam message on the address, and no more of them. That could mean a few different things. In no particular order:

  1. Peplink’s database of email addresses (and perhaps other information) used for the accounts has been compromised.

  2. My privacy-enhancing service has had its database of generated email addresses compromised.

  3. My email service provider (i.e. where all of the messages end up; it’s a big one like gmail but it’s something else) has had some kind of compromise.

  4. Something about mail addresses being harvested from messages in transit. After all, email isn’t a secure thing at all.

I will say that #3 is particularly unlikely. The organization would eventually know about the breach and make an announcement, to preserve their reputation. I can’t say anything about #1, #2, #4.

I wonder if Peplink would comment on whether there has been any suspected data breach in whatever system(s) would know these email addresses, or if there is anything about the environment the messages pass through on the way out.


I also have an unique email address just for Peplink and others for most other services. Not Abine. I have had no spam to that email, although if caught in Spam filter over 30 days ago, it would have already been auto-deleted.

Since you’ve chimed in, I’ll give an update: I haven’t received any other spam/scam message on that address again, so far. Of course, that’s not particularly interesting information.