Original URL: http://www.theregister.co.uk/2012/05/21/mailing_blunder/

T-Mobile slip exposes 1,100 punters' email addresses

Telco sweats it in the Hothouse

By Bill Ray

Posted in Security, 21st May 2012 11:19 GMT

Subscribers to T-Mobile's Hothouse - a focus group-like mailing list - got an added benefit this morning: the email addresses of everyone else on the list. The gaffe was swiftly followed by an apology and a request to delete the offending information.

The mistake was a failure to use our old friend Blind Carbon Copy (BCC) by Ipsos MORI, which runs the scheme to gather opinions and product ideas from punters. Instead the market research outfit accidentally pasted 1,100 addresses into the "To" field. So the messages were delivered along with the email addresses of all the other subscribers.

The leak was quickly followed by several "recall" attempts (four, at last count) and then a grovelling apology and request that users delete the message manually.

Not that Ipsos is the first to make such a mistake; Orange shared email addresses while polling customers about ways it could improve communications back in 2010, barely a year after Vodafone broadcast its email list of people it had accidentally over-billed. Even this esteemed organ isn't immune from hitting the wrong button on occasion, following which the only correct course of action is an abject apology.

"Please accept Ipsos MORI’s sincere apologies for this unfortunate occurrence," says the email sent to us by several readers. "We are currently conducting an internal investigation and we will taking corrective and preventative measures to ensure our data protection guidelines are adhered to", hopefully nothing more than a slap on the wrist and a lesson in email use.

Now we just have to wait for Three and O2 to make the same mistake and we'll have a royal flush. ®