I agree, name and shame. If they are allowed anonymity, they will remain in denial that this is happening. If named, the reputable ones will have an opportunity to mend their procedures. It would only be fair to PM the relevant casino reps, so that they have an opportunity to join in the debate, and alert their management to what has been found.
If you have proof, better still. You are not making wild assumptions, if you have used different E-mail addresses to different casinos, it is easy to spot the sources of the leaks of your E-mail addresses. It may be deliberate, or a scam from a low level employee who sees the opportunity to make a little extra on the side.
Many of us here know that, despite promises, our details are not as secure as they would be at, say, our banks.
One problem with this method of detection is that you cannot use webwallets, as the E-mail address registered at the casino has to be your "real" one because it has to match the one registered with the webwallet. It's not a problem if you use cards though.
As you are from Southampton, I have to ask, your name isn't Adrian by any chance?
When I was a teenager, a friend of mine had a friend who was pretty smart, and used a similar method for working out which companies sold his details to junk mail companies. It involved changes to middle initial(s) rather than messing with the main details. He was also rather good at electronics, cleverer than me in fact
