The Register® — Biting the hand that feeds IT

Feeds

T-Mobile slip exposes 1,100 punters' email addresses

Telco sweats it in the Hothouse

By Bill Ray, 21st May 2012
  • print
  • alert

Customer Success Testimonial: Recovery is Everything

Subscribers to T-Mobile's Hothouse - a focus group-like mailing list - got an added benefit this morning: the email addresses of everyone else on the list. The gaffe was swiftly followed by an apology and a request to delete the offending information.

The mistake was a failure to use our old friend Blind Carbon Copy (BCC) by Ipsos MORI, which runs the scheme to gather opinions and product ideas from punters. Instead the market research outfit accidentally pasted 1,100 addresses into the "To" field. So the messages were delivered along with the email addresses of all the other subscribers.

The leak was quickly followed by several "recall" attempts (four, at last count) and then a grovelling apology and request that users delete the message manually.

Not that Ipsos is the first to make such a mistake; Orange shared email addresses while polling customers about ways it could improve communications back in 2010, barely a year after Vodafone broadcast its email list of people it had accidentally over-billed. Even this esteemed organ isn't immune from hitting the wrong button on occasion, following which the only correct course of action is an abject apology.

"Please accept Ipsos MORI’s sincere apologies for this unfortunate occurrence," says the email sent to us by several readers. "We are currently conducting an internal investigation and we will taking corrective and preventative measures to ensure our data protection guidelines are adhered to", hopefully nothing more than a slap on the wrist and a lesson in email use.

Now we just have to wait for Three and O2 to make the same mistake and we'll have a royal flush. ®

Ensure Ease of Recovery with Asigra’s Agentless Software

COMMENTS

House Rules Send Corrections
All Reader Comments (17)
Highly Rated
Bonce
Reply Icon

Re: bcc?

[Citation needed]

5
0
Lee Dowling
Reply Icon

Re: bcc?

I've never seen that on a working mail server or client, but I'd be throwing it in the junk pile if it ever did such a thing.

I suppose there's nothing to a stop a mailer leaking that info but, come on, use some decent software. BCC has the B for one, sole, primary reason - so that NOBODY KNOWS who else you sent it to but the mailserver. Any piece of software that pushes the BCC data into the email or headers should have been consigned to the scrapheap years ago.

4
0
Stuart Moore

Fix in software?

I'm surprised that most mailservers don't have a setting so that if you're sending to more than e.g. 20 people in the To/CC line, it sends you back something saying "Are you sure? Click here to continue". Certainly would save a lot of red faces...

4
0

More from The Register

breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17
breaking news
Yes, maybe we should keep hackers in the clink for YEARS, mulls EU
Watch out black hats, they just might throw away the key
39
Microsoft borks botnet takedown in Citadel snafu
Stupid Redmond kicked over our honeypots, wail white hats
19
Critical Java SE update due Tuesday fixes 40 flaws
And yes, most are remotely exploitable
33
Kaspersky slips server security into PC software as attackers get crafty
Want to bag a CEO? Aim for his family
8
breaking news
'BadNews is malware' says outfit that found it
Google says code harmless but Lookout says code base is evolving
15