Not bad going!
First they don't use the BCC field, then they try to use Recall - which doesn't work unless the recipient is on an Exchange server, and quite often not then.
The usual answer by a bank, "Additional training has been scheduled..."
Metro Bank, the newly established UK retail bank, has irked its customers with a schoolboy email error. The latest marketing missive from the bank was sent using all the email addresses in to To: field instead of using the bcc (blind carbon copy) field. In the process, the bank disclosed the email addresses of around 1,200 …
I don't think a month goes by when I don't get an email listing all recipients from an organisation that should know better. Beyond a doubt the worst must be the University of Sydney which runs so many of its public talks through distribution from various administrative officers' email addresses as a more-or-less ad hoc affair. There's no point trying to educate one of them, as temp staff often step in and repeat the same mistake the following month/talk.
Somehow they got this phrase out in their launch marketing, and the media have propagated it since. I agree that four branches in London doesn't make a bank, and I strongly doubt the claim it's the first for 100 years. But memes will spread. I've not spent the time to try to find counter-evidence. The Co-op Bank traces its corporate history back to 1872 (http://bit.ly/kxCVuy) so probably doesn't count.
"Rest assured there is no need for any concern as no other information was sent."
What could possibly be wrong with lots of people you don't know being given your email address without your consent? Exactly, nothing, so there's absolutely no concern whatsoever. Case closed.
I'm a customer and didn't receive the email. Doesn't particularly bother me - have seen it from numerous other companies which usually don't make the same mistake again.
If you live in London and travel overseas then it's worth opening an account with Metrobank, as unlike the vast majority of UK banks, they don't charge any commission or exchange rate markup on overseas debit card withdrawals. I just transfer money in before going overseas.
I don't use them for day to day banking as their online banking website is pathetic.
they send "your statement is ready" emails manually using Outlook?! Who designed their IT systems, a work experience student?
Why is it that the name "Metro bank" makes me think of the Metro newspaper, which is handed out free at train stations, good to keep you occupied for about 10 minutes, and generally is a nice idea but not something to take too seriously?
Wouldn't the Cooperative Bank claim the first new bank in a hundred years line see:
http://en.wikipedia.org/wiki/The_Co-operative_Bank
While the bank formed in 1872, it wasn't a registered company until 1971 - which I believe is when it started taking customes outside of coop group. In 1975 was the first new member of the clearing banks in 40 years.
Surely this hints at deeper IT issues at Metro Bank? Some marketing wonk is getting a list of customers' email addresses and pasting them into Outlook - that this is even possible suggests to me that they don't operate the principle of least privilege.
Why does anyone in marketing need to see a customer's details? Surely they should be entering their text into a template which the system then fills in with customer data?
I remember a mobile phone retailer falling foul of its own similar snafu about ten years ago, when they forgot to use "Bcc" to notify the very small number of exclusive winners of a competition to win a free phone. Only went out to several thousand recipients. Needless to say the phone wasn't really free at all. No compensation there, equally needless to say, just a whole drove of potential customers (some of them hitting "reply all") insisting something about sticking pins in their eyes rather than buy anything from the culprits.
If all the email said was "your statement is ready", why was it being sent out by a human in the first place. Surely that should be done by a cron script, one email to each customer, one at a time?
Sounds to me like they do not have a proper grasp of their server back-end. Imagine how much admin time this must take to do by hand.
This is what happens when management thinks it can do an IT engineer's job.
A lot of IT jobs have potentially annoying or security implications that untrained or immature people just don't think about.
This email should have been sent via a mailing list so there is no chance of a human doing what they did.
This just exposes the bad and disorganised practises going on behind the scenes at this bank.