back to article Research firm emails 20,000 addresses in the clear

We've almost got bored of stories about people sending emails to lots of subscribers without using the BCC field, but not when the mail is sent to 20,000 people. Today's doofus is investor research company Digital Look. It sent a mail yesterday morning which revealed 22,129 email addresses. Whoops. Two hours later Digital …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Unhappy

    Is "BCC" available everywhere?

    Yes the article reports daft behaviour. Someone made a mistake, and the user agent probably didn't do anything to prevent it ("are you really really really sure?" etc)? Meanwhile...

    I have a lot of email dealings with various bits of Birmingham City Council (also, confusingly, BCC). No-one seems to use (or know about) blind carbon copies at BCC, even where I have asked after being concerned by other folks email addresses being exposed. Are there some email agents around which actually don't permit use of BCC?

  2. Anonymous Coward
    Coat

    Hmmm

    "human error that caused this problem and we are currently taking steps to ensure that this can never happen again"

    Head meet chopping block, axe will join you shortly.

    Mine's the one with the axe in the pocket

  3. John Chadwick

    To err is human...

    ......but to really foul things up you need a computer.

    I don't remember who said it first, but it still holds true. Damn those distribution lists.

  4. Peter
    Unhappy

    'only a small number of people received the mail'

    I feel privileged, I was one of the chosen few. I've never won a competition like this before. Wonder what my prize will be? A can of spam, perhaps?

  5. Mark

    Yeah right

    Let's hope they're not "sensible and responsible" pump 'n' dump scammers.

  6. Andy Worth

    a small number of people?

    Over 22,000 email addresses, so assumedly it went to 22,000+ people (excluding the fact that some addresses may be defunct). So when exactly do they consider it to be a large number of people?

    Muppets.

  7. Richard
    Thumb Down

    Atos Origin....

    ....did something similar recently.

    Some doofus posted a stack of stuff out with NI numbers printed on the envelopes.

    A letter of apology appeared a few weeks later.

  8. Chris
    Stop

    As I replied to them at the time

    F*****g idiots.

  9. Ian Ferguson
    Thumb Down

    Hmm...

    Depending on how the email was sent, they may have noticed after only a few were sent.

    If it really was sent as one email using the CC field rather than BCC, then they're screwed.

    However if they were using some sensible mailing software, it will have been sent as 20,000 individual emails (with the email address in the To field) over a period of time. If each email contained all 20,000 addresses, assuming a modest 10 bytes per email address, that's 200 kilobytes per email; probably clogging up their mail server as four gigabytes of email tries to send. That should be enough to get anyone's attention.

  10. Alan W. Rateliff, II
    Paris Hilton

    Re: Don't they teach BCC at PR school?

    No.

    Paris, because that's all I got.

  11. Anonymous Coward
    Coat

    one back?

    I think it might be funnier to reply-all and say something along the lines of "your apology is accepted".

    The one with 419 for beginners in the pocket.

  12. citizenx

    Really!

    I'm bored of this tired old line coming out of organisations who make these obvious schoolboy errors -

    "We take your privacy very seriously and our team are working hard to put in additional safety measures right now."

    Clearly they do not or it wouldn't have happened in the first place.

    Tossers.

  13. Tony Barnes
    Thumb Up

    Classic!

    "Pointy hat and corner-standing duty for someone, we think."

    Top writing!

    What an unbelievable daft amount of people to send to though....

  14. Stephen

    RE: Is "BCC" available everywhere?

    "Are there some email agents around which actually don't permit use of BCC?"

    As I understand it the FTgate mail server does not allow excessive numbers in the BCC field (erroring with a 560), but thats only because it was written in the UK and was based around our privacy laws.

    Of ocurse with Microsoft Exchange still dominating the market, and every desktop email client out there still being designed around TO: and CC: with BCC: as a more hidden option I cannot see it being used heavily.

    As for privacy I see it all t he time with people forwarding their junk joke emails to me including the emails of half the Internet for my leisure. You can't trust users to be private until you make BCC: the default and remove support for multiple addresses in TO: and CC: in mail clients and servers.

  15. citizenx

    Re Stephen

    >As for privacy I see it all t he time with people forwarding their junk joke emails to me including the emails of half the Internet for my leisure. You can't trust users to be private until you make BCC: the default and remove support for multiple addresses in TO: and CC: in mail clients and servers.

    As do I but that doesn't mean you can or even should force private citizens to follow your beliefs.

    Companies (data processors) are one thing. Personal mailing lists are another.

    I don't want the incompetence of oranisations as that above dictating how i might use my own email services and clients thank you very much!

  16. Andy Enderby
    Joke

    Don't they teach BCC at PR school?

    of course not, the PR and marketing peoplettes have to be taught to walk, talk and chew gum without forgetting to breath. Then they need to learn on how to get the lawyers to screw the trousers onto those "challenging" clients every morning.

  17. Tom
    Alert

    Re: ... Don't permit use of BCC

    "Are there some email agents around which actually don't permit use of BCC?"

    I don't know of any mail clients which don't permit the use of BCC - but I know that Outlook 2007 hides the BCC field by default.

    Why didn't this company use a proper mailing list solution like Mailman. Easier to manage and stops this sort of problem.

  18. Anonymous Coward
    Stop

    This wasn't a BCC Cockup!

    I received this mail, but I was the only person on the to: or cc: lines. The issue is that the *body* of the email contained a list of 22,000 email addresses.

    Looks like some sort of cockup with a mail merge script.

  19. Jody

    To Err is human

    Farmers' Almanac, 1978

    I have had that in my signature line since 1997 when I first got my hotmail address :)

  20. Anonymous Coward
    Anonymous Coward

    It was nothing to do with the BCC field.

    Somehow 22114 private email addresses were copied into the body of the message. This was then successfully BCCd to x number of people. (Where x could well be 22114.)

  21. Stephen

    RE:citizenx

    "As do I but that doesn't mean you can or even should force private citizens to follow your beliefs.

    Companies (data processors) are one thing. Personal mailing lists are another.

    I don't want the incompetence of oranisations as that above dictating how i might use my own email services and clients thank you very much!"

    True but the average end user is clueless when it comes to these data protection issues and that giving out an email address of someone without their permission is a data protection act breach. Given most people use their personal email accounts this way at home they bring those same bad habits into the workplace and we get stories of this type crop up.

    I see this sort of thing all the time running through our mail server, eternal companies sending out a tender document and then including the email addresses of contact people of multiple businesses (many of which we have no dealings with) in the TO: and CC: field. People are always doing it.

    End of the day end users are the biggest risk in any business and safeguards on company systems to prevent employee abuse of company accounts is a good thing, the problem is they just don't exist within email clients where email is being composed.

  22. David V

    At last some green ethics in email

    There is only one thing worse than creating ridiculous amounts of carbon copies, and that is *hiding* the fact that you're doing it.

    Thank goodness someone is using the "To:" field and minimising carbon emissions.

  23. Anonymous Coward
    Gates Halo

    Re: Is "BCC" available everywhere?

    It probably is, but where I am at present, the default install of Micro$oft LookOut does not display it, and M$ do a pretty good job of hiding the switch. Still the client was paying for the time it took!

    Is it time to put in a plug for Pegasus Mail (www.pmail.com)? An email client that abides by the standards.

  24. steogede
    Gates Horns

    Re: Is "BCC" available everywhere?

    >> Are there some email agents around which actually don't permit use of BCC?

    I know that certain MS products do a very good job of hiding it.

  25. herman Silver badge
    Flame

    Spam filters?

    That kind of email won't get through any self respecting spam filter. So I guess they figured it out when they got 20,000 bounce messages.

    That would be a fair number of bounces to click delete in MS Outlook...

  26. RW
    Dead Vulture

    Pegasus

    Sadly, Pegasus is Windows-only these days. It's one of the barriers to me completeiy switching to Linux.

    And Wine has glitches in it that make Pegasus awkward to use under Linux. Pegasus uses daughter windows extensively, and Wine replaces a lot of "close this window" menu items with "close the program" ones. Evidently Wine does not fully understand all the intricacies window usage under (ahem!) Windows.

    I've asked the Pegasus folks about creating a version for Linux, but no luck there. Too bad; I've been using Pegasus since 1996 and simply refuse to change away from such a good program.

  27. J-Wick

    @Pegasus

    Try running it under VirtualBox? If you would like to switch to Linux at least you can fire up Pegasus without having to reboot. Works for me with MS Money...

  28. Anonymous Coward
    Anonymous Coward

    Thunderbird isn't that hit for BCCs either

    Slagging off Outlook is all very well, but it's not as if it's the only one that doesn't handle BCCs in a totally straightforward manner.

  29. Jeff Rowse
    Dead Vulture

    Reply to all>

    Please remove me from this mailing list.

    >Me too!

    >And me!

    >Me aswell

    >Will Everyone STOP Doing Reply To All

    >Whyis everyone emiling me?

    >Hey stoopid, you spelt whyis and emailing wrong!

    >Please take me off this distribution list

    .

    .

    .

    .

    and so on. Ain't Users wonderful??

This topic is closed for new posts.