OurMine hacked Vevo and leaked 3.12 TB internal files, then deleted them

Discussion in 'other security issues & news' started by Minimalist, Sep 16, 2017.

  1. Minimalist

    Minimalist Registered Member

    Joined: Jan 6, 2014
    Posts: 14,883
    Location: Slovenia, EU
    http://securityaffairs.co/wordpress/63067/data-breach/ourmine-hacked-vevo.html
     
  2. RockLobster

    RockLobster Registered Member

    Joined: Nov 8, 2007
    Posts: 1,812
    OurMine appears to be exploiting a vulnerability a lot of people expose themselves to. Little has been mentioned of this so I'll explain it here.
    1. Create websites offering great free services of some kind. Site may or may not work to provide said service.
    2. Site requires user to create login account, usually by entering real name, birthdate, username, password, alternate email address, secret question and answer.
    3. User may or may not use real name, birthdate etc., but you know, most people can't be bothered to think up new usernames and passwords for every site and many will use the same across multiple sites and may choose the same secret question too.
    4. Now you have all that information you go to their alternate email address and see if the same password works.
    5. If password doesn't work you might try the "lost password" facility to see if the secret question is the same.
    6. You might try that username/password combination with other email providers.
    7. If they used their real name, look up their Facebook and other social networking sites to test that password.
    That is how one thing leads to another if you cross site the same password.
    Hackers automate that process to test the credentials you entered and variations of them across thousands of sites, email providers, shopping sites, social, porn etc. Each time they get into another site you joined, they learn a little bit more about you and other sites you belong to and sometimes they will hit paydirt like an email address with email from other sites you belong to and perhaps some very personal email or worse...
     
    Last edited: Sep 16, 2017
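
Added example, not part of RockLobster's post: how a site on the receiving end of this automated credential reuse can spot it in its own login records, by flagging a source that tries many different accounts in a short window and mostly fails. The event tuples, thresholds and function names are assumptions made for illustration, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample login events: (epoch_seconds, source_ip, username, success)
SAMPLE_EVENTS = (
    # One source walking through many accounts, almost all failing
    [(1000 + 10 * i, "203.0.113.7", u, u == "dana")
     for i, u in enumerate(["bob", "carol", "dana", "erin", "frank", "grace"])]
    # One user mistyping their own password, then getting in
    + [(2000 + 5 * i, "198.51.100.20", "alice", i == 4) for i in range(5)]
    # Shared office address: several users, all successful
    + [(3000 + 20 * i, "192.0.2.50", u, True)
       for i, u in enumerate(["hank", "ivy", "jo", "kim", "lee"])]
)


def find_stuffing_sources(events, window=300, min_users=5, max_success=0.2):
    """Return {ip: (distinct_users, success_ratio)} for sources that hit at
    least `min_users` accounts within `window` seconds and mostly fail.
    The thresholds are illustrative assumptions, not recommended values."""
    by_ip = defaultdict(list)
    for ts, ip, user, ok in events:
        by_ip[ip].append((ts, user.lower(), ok))
    flagged = {}
    for ip, rows in by_ip.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the window start forward until it spans <= `window` seconds
            while rows[end][0] - rows[start][0] > window:
                start += 1
            chunk = rows[start:end + 1]
            users = {u for _, u, _ in chunk}
            ratio = sum(ok for _, _, ok in chunk) / len(chunk)
            if len(users) >= min_users and ratio <= max_success:
                if ip not in flagged or len(users) > flagged[ip][0]:
                    flagged[ip] = (len(users), round(ratio, 2))
    return flagged


def accounts_to_reset(events, flagged):
    """Accounts a flagged source logged in to: the reused password worked."""
    return sorted({u.lower() for _, ip, u, ok in events if ok and ip in flagged})


if __name__ == "__main__":
    hits = find_stuffing_sources(SAMPLE_EVENTS)
    print(hits, accounts_to_reset(SAMPLE_EVENTS, hits))
```

The single user with repeated typos and the shared office address are not flagged, because the signal is the combination of many distinct usernames and a low success rate from one source.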