Re: It'll never happen...
Isn't ICO/GDPR precisely the reason that they don't fix this?
If some random Gary emails and asks them to change a customer data and they do - won't the real customer rain down fines and brimestone upon them?
It's the sort of thing that means companies now require a letter from your lawyer signed by 3 popes before they will deal with you