We just got some very well made phishing mails mentioning our LUCID registration ID.
One of them addressed to our email used for Amazon.
Of cause all this information can be scraped from public sources.
The only striking things are,
that the sender was not actually the „Stiftung Zentrale Stelle Verpackungsregister“ but some small trading company who probably had their mail-server misconfigured
and that it comes in October instead of December, when reports and renewals are made.
We do have a recycling contract for our (product+transport) packaging and everything is properly registered with LUCID.
Looks like we are not the only ones.