Last week I came across a data set of 1 million emails who were said to have "opted-in" to spam. It listed: email, name, address, city, state, zip, extended zip, phone number, date of birth, time added, IP and the source.
To anyone that's a lot of personal information!
How did they get this information, I had a look at the sources column which contained these distinct values.
My theory is they filled in all this unnecessary information on signup and left a box ticked that allowed the website to share this information.
With a dump like the one I found, it's easy to spoof eBay emails with more apparent legitimacy.
Of course your bank and ebay should know your real name, dob, etc, but the LA Times can think I'm:
4263 Joseph Street
Milwaukee, WI 53226