Although.
Recently I received a handwritten envelope at the address that ONLY the Book Depository has. No one else, no other site. (Why I set it up that way, lord only knows, but I did).
Because the envelope was not a window envalope and not typed, I assumed it was fron a friend somewhere.
The stamps were from Greece and I have some jetsetting friends, so I just through it was Lynn again, on one of her interminable holidays. I opened it. It was on a legal letterhead, one that would be easy to set up with WordArt. In fact, it WAS WordArt - I've used that very same decorative option myself om World documents.
The return address was Holland, even though the stamps were from Greece.
The text was Dear Mrs (wrong salutation) Surname (spelled correctly, and my spelling is a littel eccentric).
Then it went into the usual Nigerian scam: I am a lawyer in Scotland (different to either Holland or Greece), My name is so-and-so, I had a client with the same surname as yours (also correctly spelled) who died with no will and no relatives and $60 million in the bank, and I want you to claim the money, so that we can split it down the middle.
In other words, standard internet spam.
But on paper instead of in an email.
And at an address that only the Book Depository knows.
Now, it is actually quite difficult to hack a client list with addresses and everything unless you work at the business, and spammers often offer mega-dollars for access to "mailing lists". It would have been easy enough for them to convinve Book Depository they were a publisher requiring their customer-list in order to do market research on what people were reading, or something.
I for one, knowing where the information about that address leaked, will not be going back.