Feeds

UK IT job outfit punts 491 private email addys

Yeah, I'll just stick the database in the 'To:' field

The next step in data security

UK IT recruitment outfit ecrm people has pulled off a bit of blinder by exposing the email addresses of what appears to be its entire mailing list of potential candidates for a Senior Web Developer post in London.

The missive, suitably censored here to protect the innocent, begins:

From: Ross Miller [mailto:Ross.Miller@ecrmpeople.com]
Sent: 19 April 2010 17:03
To: K-----, Alex; O-----, Mark; J-----, Michal; W-----, Moses; N-----, Hemal; M-----, Jack; R-----, Amit; P-----, Patrick; F-----, Peter S; R-----, Andrew; D-----, Ian; E-----, Anthony; M-----, Anthony; R-----, Adam; W-----, Andy; K-----, Sunil; B-----, Demuel; R-----, Alex; L-----, Rob Shan; F-----, Muhammad; G-----, Jeremy; S-----, Uday; J-----, Harshit; S-----, Matthew; G-----, Pete; S-----, Jamie; B-----, Mark; P-----, Hashin; I-----, Saqib; L-----, Brooke; P-----, John; H-----, Kristoffer; S-----, Grzegorz; W-----, James; P-----, Joe; S-----, Salman; S-----, Warren; R-----l, David; M-----, Richard; B-----, Harry; B-----,...

And so it goes on, for 491 contacts, all with their email addys laid bare. One disgruntled recipient replied to Ross Miller: "Hi, I assume these are all the web developers you have on your books? Could you please remove me from your mailing list."

ecrm people trumpets itself as "a true world leader in the provision of IT talent and staffing solutions within its core markets". It'd probably do well to trawl its IT talent for a data protection staffing solution, and sharpish. ®

Bootnote

The email ends with the usual extended disclaimer, which includes this gem:

The contents of this e-mail and any attachments to it are strictly confidential, may contain information or data which is private or proprietary to the Interquest Group, and is intended for the recipient(s) only. If an addressing or transmission error has misdirected this e-mail to you, you may not under any circumstances disclose, distribute, forward to any third party, print, copy or use this email (or any attachments hereto) for any purpose, and we request that you please (a) notify the author by replying to this e-mail; and (b) destroy this email immediately.

Well, we were going to destroy the email, but then decided to call in Gwent Police's top data protection operatives to do the job for us.

Bootnote 2

ecrm people's MD Steve Morrisey has been in touch to explain that the mass mail out was down to a technical error with the company's database, which meant the contacts were not included in the BCC field.

He said he would send a personal email explaining the error and apologising to each of the unwitting recipients by the end of the day.

Secondly, I concede that we could have minimised the impact here by Ross running a more effective/appropriate search (491 candidates is not a finely tuned search!), however as he is new to the job (less than a month in) I am willing to accept a level of inexperience here (rest assured this is a lesson he is learning the hard way!) - we were all trainee's once.

Security and trust: The backbone of doing business over the internet

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.