You could send large amounts of data to an IP in sporadic bursts, find which graph correlates, get their account number and use that as a starting point for social engineering the helpdesk staff.
Elaborate, sure, but plausible. The more important part of the leak is all the account numbers anyway :).
Elaborate, sure, but plausible. The more important part of the leak is all the account numbers anyway :).