Capital One, a large US-based bank and credit card issuer, stands out for sending by far the largest number of transactional emails containing personally identifying information (PII) to my spamtrap collection. :/ Capital One uses a number of ESPs, but its transactional emails are usually sent from Bigfoot Interactive, owned by Epsilon Interactive.
Capital One, a bank with an aggressively-advertised credit card program, just sent a bulk email advertisement to a spamtrap that has never heard from Capital One before. Worse, the email uses a name that was never associated with that email address when it was live. So how did Capital One acquire that name and email address combination? One spamtrap hit isn’t conclusive, but this smells very much like a bad e-pend to me. The ESP is Epsilon Interactive, via its subsidiary Bigfoot Interactive.