Re: "Provide me with your full account details so that I can return the envolops to you"
Crazy, what a load of crap.
Data breaches 30 or more years ago were people stealing ledgers from buildings, & made little difference to anyone. You needed physical access, and special spy cameras to not get found out.
15 years ago no-one cared much. The scale was still small and what use was most of the data? A customer number, possibly an address, maybe a credit card.
Now? You get access for 3 minutes and you can pull gigabytes of data over the network or onto a thumbdrive, which has links to enough other related stuff you can know everything of worth about someone (or, more likely, 100,000+ someone's) and then turn around and sell that data through a ready for action network for actual money without much risk.
Data theft is far more common, & the scale is breathtaking when you think about it, in number of crimes, number of attempts and number of people affected.
Was there a database of more than a million credit card details that wasn't a bank or the card company itself 20 years ago? Because there are hundreds of them now, hence patches like PCIDSS.
Further, there are now many people looking for 0days to sell them on, & plenty of people targeting specific organisations who are prepared to pay out for them.
Add in the the letter agencies harvesting everything in site* & sharing it around, which I personally see as a data breach, & there is little that *isn't* leaked.