Certain US government mailing lists have this same problem. For example, the Federal Register table of contents listserv, which sends out daily mails consisting of links to government notices. Every few weeks, lawyers all over the country — plus us random wonks who also read the Federal Register for fun — get an autoreply from some other law firm telling us who quit or got laid off: http://listserv.access.gpo.gov/scripts/wa.exe?A2=ind1210C...

I'm only surprised it doesn't happen more often. I guess, given the intended audience, it's not so surprising that it doesn't get abused. But still, it would be incredibly easy to send out a fake email pretending to be the Federal Register. Imagine all the fun you could have issuing your own antidumping notices and arms control regulations.