Double-sided printing data ballsup leaves insurance giant Chubb with egg on its face

Insurer Chubb scored a privacy own goal recently when a double-sided printing error on bulk mailers sent to customers about a policy document change put a stranger's personal details on the reverse of each sheet. The single A4 page included names, addresses and policy document numbers in addition to the policy update and was …

  1. Alister

    They ought to teach this in schools.

    At one time, we all had to learn the Lord's Prayer by rote. Maybe nowadays schoolkids should learn the following prayer:

    Our Customers, who art worldwide,

    We take the protection of your personal data very seriously,

    and we are committed to protecting the privacy and security of all the data entrusted to us,

    For ever and ever,

    Amen

    1. Lee D Silver badge

      Re: They ought to teach this in schools.

      I work on the "apology is not a solution" basis.

      Saying "Sorry" doesn't fix it. Tell me why it happened, what you've been doing to stop it happening before, and what you're going to do to stop it happening in the future.

      Because if the answer is: "We pressed the wrong button in Word, we've never imagined it could be a problem for a multi-national company to use Word mail-merge and not check the 'double-sided' option on our major print runs, and we'll slap the wrists of the intern involved but the next run will probably be done by a different guy anyway", then I have absolutely no interest in retaining your services.

      Rail companies do this all the time. Don't apologise for it being late. Stop it being late. Even if that means it still gets there at 8:08 and waits for 15 minutes before leaving, but at least we *know* that because you just re-time the route accordingly and tell us what to expect.

      You wanna convince me... do a full post-mortem, publicise the results (with suitable redaction), highlight the weaknesses you *had* and then post the plan and timeline to fix those weaknesses *and others of the same type* that you can imagine now you've sat and thought about it. Then I might accept the apology attached to that document.

      1. phuzz Silver badge

        Re: They ought to teach this in schools.

        I can imagine someone forgetting to turn off double sided printing, but how did they manage to put so many in envelopes and send them to customers without anyone noticing at any point that they had two different letters on one piece of paper?

        Surely multiple people must have held the paper in their hands and looked at it?

        1. Fatman

          Re: They ought to teach this in schools.

"Surely multiple people must have held the paper in their hands and looked at it?"

          Not necessarily so.

          The entire print, fold (or 'mutilate') and envelope insertion process could be automated, running without human intervention once the print job was fired off.

          1. Keith Langmead

            Re: They ought to teach this in schools.

            "The entire print, fold (or 'mutilate') and envelope insertion process could be automated, running without human intervention once the print job was fired off."

            Yep, and they may not have physically done the print run themselves. So either inhouse automated insertion, or send the data to a 3rd party for them to do it.

            Saw GE's printing setup many years ago which was used for their own stuff as well as third parties. Very impressive to witness, fully automated printing, folding, envelope stuffing, and even sorting (on massive volume if you pre-sort the letters into postal regions you can reduce the postal cost per letter).

            1. Anonymous Coward

              Re: They ought to teach this in schools.

              I wonder whether they noticed the bill was half what they expected before the first complaint arrived.

              1. John Brown (no body) Silver badge

                Re: They ought to teach this in schools.

                "I wonder whether they noticed the bill was half what they expected before the first complaint arrived."

                It was probably outsourced. The outsourcer will have quoted for n print & stuff operation and been pleasantly surprised when the stuff operation came to n/2 but still billed the quoted price.

          2. DropBear

            Re: They ought to teach this in schools.

            Exactly. If the national electricity supplier's billing department we visited as students a full twenty years ago could do it then, your friendly neighbourhood grandma should be able to do the same today between tea breaks. As a funny aside, the highest security tech on site was the little sealed and padlocked device that was authorized to print and count the "delivery paid for" ersatz-stamps on all those envelopes...

        2. Cynic_999

          Re: They ought to teach this in schools.

"how did they manage to put so many in envelopes and send them to customers without anyone noticing at any point that they had two different letters on one piece of paper?"

          Automatic folding & envelope-stuffing machine?

        3. katrinab Silver badge

          Re: They ought to teach this in schools.

          Because the printer the job was sent to puts the letters in envelopes and puts the envelopes in a mail sack, and all the staff there need to do is replace the mail sack when it fills up, and take the full sacks to the loading bay to be collected.

          I think they should have sent each letter as a separate print job, or placed the appropriate barcode at the side of the page to tell the printer it was a new letter.

      2. Sandtitz Silver badge
        Unhappy

        Re: They ought to teach this in schools.

        "Because if the answer is: "We pressed the wrong button in Word, we've never imagined it could be a problem for a multi-national company to use Word mail-merge and not check the 'double-sided' option on our major print runs, and we'll slap the wrists of the intern involved but the next run will probably be done by a different guy anyway", then I have absolutely no interest in retaining your services."

        This obviously was a mistake and as Phuzz added, a series of mistakes. Creating the document and printing is done by multiple people except in small companies.

        It however appears to be in Chubb's best interest NOT to publish the post-mortem since the reason is probably something on the lines of what you wrote there, and admitting this schoolboy error would result in not retaining a customer such as you and many others.

Unfortunately these kinds of useless blanket replies do the least harm and most people - unless directly harmed by the letter - will forget this episode in days. If however they did the noble thing, people could remember the company whose mailing division is not to be trusted, they'd receive ridicule for a long time, with funny memes created, commercial jingles re-worded etc.

        1. Mark 85

          Re: They ought to teach this in schools.

          It however appears to be in Chubb's best interest NOT to publish the post-mortem since the reason is probably something on the lines of what you wrote there, and admitting this schoolboy error would result in not retaining a customer such as you and many others.

The catch is: "Where do you go then?" Seems every insurance company is getting hit by stupidity, usually hacked but this one is different. Still... they've all (for the most part) been named and shamed and with no apparent flashback to the bottom line or customer numbers.

      3. The Oncoming Scorn Silver badge
        Pint

        Re: They ought to teach this in schools.

I used to catch a train from Paddington on Friday nights back down to Devon, and after a time a pattern emerged.

It was the 18.31 from Swansea, 10 minutes late. I & a few others who had cottoned onto the schedule used to wait on the bridge over the stations, watch it being cleaned & then get on, find our reserved seats, get DVD player & beer out & settle in before the rest of the herd had been let on to the platform via the gates on the main concourse.

        1. jeffdyer

          Re: They ought to teach this in schools.

          I'm always last onto planes and trains if I have reserved seats.

          1. Anonymous Custard Silver badge
            Headmaster

            Re: They ought to teach this in schools.

            But then have no space for your (hand) luggage, at least if you're in cattle class. And then delay everything while the cabin crew play tetris to try and rejig it all to fit.

            1. David Nash

              Re: They ought to teach this in schools.

              That's just because people bring stupidly-big cases as hand luggage.

              Just use a medium-sized backpack or other reasonably-sized hand luggage and stick it under the seat in front. Anything else gets checked in.

              1. A.P. Veening Silver badge

                Re: They ought to teach this in schools.

                and stick it under the seat in front.

                There is no space for hand luggage under the seat in front with my leg length and shoe size.

      4. J. Cook Silver badge

        Re: They ought to teach this in schools.

        Now, now, let's not get common sense involved here- it costs too much money, and our CEO needs an even larger yacht than the 100 footer he got last year.

      5. This post has been deleted by its author

    2. bpfh
      Facepalm

      Re: They ought to teach this in schools.

      Well, it certainly does seem like a prayer.

- Say the prayers with everyone else during mass

      - Ignore it once you get out of the church

      - IF caught, Go to confessional and explain your sins in private and put a fiver in the collection bin

      - ELSE carry on as if nothing happened

      - ...

      - PROFIT

      1. Alister

        Re: They ought to teach this in schools.

        Exactly my point, if learnt like the Lord's Prayer, nearly everyone can mumble along, but hardly anybody says it with any sincerity.

    3. Mike Shepherd
      Meh

      Re: They ought to teach this in schools.

      Our data, which is in the cloud.

      Hallowed be thy password digests. Thy security come, by obscurity as it is by encryption.

      Give us this day our daily breach reports and forgive us ours, as we forgive those whose breaches are against us.

      Lead us not unto the ICO, but deliver us from legislation.

      For thine is the schema, the hardware and the software.

      For ever and ever. Amen.

  2. MikeGH

    The firm holds the security of this information in such high regard that it urged customers to simply "discard this previous letter and refer to this version only, which details important information below about core for insured persons".

I take it that's discard by securely shredding or burning?

    1. Prst. V.Jeltz Silver badge

Discard in accordance with whatever that customer's personal security policy is, I guess (i.e. as they would their own docs).

      I'd have just written "Please try to avoid the temptation to steal our other customers identity"

    2. chuBb.

See my post below, but that's par for the course with them. I have been trying unsuccessfully for years to get them to educate their technicians on what the correct email address is to use; hint: it's not one that ends up in one of my catch-all accounts!

  3. Chris G

    Seriously?

    But not quite seriously enough to train staff to protect customer data correctly.

    1. Giovani Tapini

      Re: Seriously?

You may fairly safely assume that the bulk mailing is outsourced. It's been years since I've worked anywhere that prints locally anything other than one-off letters.

I have almost never seen any bulk output in its physical form; it's all overcomplicated with "inserts" and sorting for cheaper posting etc. This however is the source of the problem as it's impossible to test in that setup.

      1. Doctor Syntax Silver badge

        Re: Seriously?

        "This however is the source of the problem as its impossible to test in that setup."

It's possible to test. It just results in the test run going to the shredder instead of the post. Unless, of course, that last step goes wrong....

        1. Stoneshop
          Facepalm

          What was that one again?

          Unless, of course, that last step goes wrong....

          "Dear Rich Bastard, as our valued customer etc etc"

      2. A.P. Veening Silver badge

        Re: Seriously?

"You may fairly safely assume that the bulk mailing is outsourced. It's been years since I've worked anywhere that prints locally anything other than one-off letters."

        I used to work for a bank that still did this in-house and that was less than a year ago.

  4. Prst. V.Jeltz Silver badge

    good intentions

Well, this has obviously come about from a new "save paper / double sided by default" initiative - very admirable.

They just didn't spot the bleeding obvious cases where the double-sided would present a problem.

    1. Mark 85

      Re: good intentions

"Well, this has obviously come about from a new "save paper / double sided by default" initiative - very admirable."

      Don't give them ideas: "Read the side with your name on it. When done, mail it to the person on the other side. Thank you for helping us save trees and printing costs."

  5. chuBb.

That's nothing compared to the amount of misaddressed emails from them that end up at my primary domain....

(I am a descendant of the company founders and operate a Chubb-based domain for the benefit of my family, so no domain squatting here..., also gifts me with a terrible chat-up line: "I bet my name is on your front door, no? Then it's on your back door" ;) )

Literally every day I receive dozens of fire extinguisher test reports, insurance documents, security system commissioning docs etc. I have repeatedly tried to reach out to their security people but have yet to get a reply, kinda sad when you think that security is meant to be their thing, so now all the alarm codes, sensor coverage reports etc. get purged every week from the catch-all account.

    1. Roger Greenwood

      Having been burgled at work once, where they seemed to know the sensor coverage internally, such reports would be quite a thing to release into the wild. Thank you for your integrity.

      1. chuBb.

Just the responsible thing to do. What distresses me more is why stuff like that is not sent encrypted, or even in a password-protected zip to, ya know, put a speed bump in the way of casual observers... ho hum.

At one point I even went as far as having an automated reply of "this is not the domain you are looking for"; all that did was make them double down on the attempts to send it to the wrong address.

        1. Prst. V.Jeltz Silver badge

"reach out to their security people but have yet to get a reply, kinda sad when you think that security is meant to be their thing,"

I don't know why but this is winding me up!

Is this all coming from subcontracted installers/testers?

Surely the missing docs would alert them to an issue?

If I have a Chubb system installed I'd be bothered that

a) my paperwork is missing

b) you've got it!

Could you not send an automatic reply to either the chief, or the accounts department saying:

"More Chubb.co confidential information received, storage charge for this data is £xx pm"

        2. Alan Brown Silver badge

"At one point I even went as far as having an automated reply of "this is not the domain you are looking for"; all that did was make them double down on the attempts to send it to the wrong address"

          I had a similar problem with a finance company whose fax number was the same as mine - in another area code. Complaining made it worse.

          The annoying faxes on the voice line only stopped when we plugged in a fax and started faxing back applications with "REJECTED" written across them in 2-inch high letters. I'd imagine that someone started getting an earful in head office.

    2. Doctor Syntax Silver badge

      How about starting a blog/social media account and feeding the stuff straight into that? Email them one last time reminding them of previous communications and tell them you're going to do that so when their lawyers come storming out you can point them to that and tell them to go back and tell their clients that they should have cleaned up their act long ago.

      1. chuBb.

        Yeah, no

        three things

1) Social media, I do not

2) Would be wide open to civil suits

3) As this is very sensitive information, all I would do is hurt the customers (I'm talking sheltered housing, old folks' homes, hospitals, banks, small businesses etc.) who have done nothing wrong other than assume the security company gave a flying f about digital security, and even then the core of the problem seems to be US-set policy from the parent company

        1. 0laf Silver badge

          Re: Yeah, no

          If you're in the EU then an email to the ICO will likely produce some results.

          https://ico.org.uk/make-a-complaint/

          1. Trollslayer
            Thumb Up

            Re: Yeah, no

            Good idea

        2. oiseau
          Pint

          Re: Yeah, no

"1) Social media, I do not"

Thank you so much for that ...

I was beginning to think that I was the only one.

          So tired of people insisting that I was missing out on so much convenience, etc.

          Have one on me --->

          And a good week-end.

          O.

          1. spold Silver badge

            Re: Yeah, no

            Ditto!

            My only concern is that when travelling to certain crazy countries that want the passwords to my social media accounts and I try to explain that I don't have any they won't believe me... guess I have to make fake ones.

        3. heyrick Silver badge

          Re: Yeah, no

          "assume the security company gave a flying f about digital security,"

Maybe more practical to spend a free half hour working out who some of these reports are referring to, and simply forward the info to the relevant people with a covering message. That might start a useful ball rolling.

        4. Alan Brown Silver badge

          Re: Yeah, no

          "Would be wide open to civil suits"

Not really. You're operating an email-to-bulletin-board gateway and there's a very simple way to prevent sensitive information showing up on it - don't mail it in.

          As for #3 - the civil suits will start flying and they won't be directed at you.

          You might also try contacting the ICO if there's personal information on what's coming through and the company is UK based.

          1. chuBb.

            Re: Yeah, no

Maybe not directly, but I don't need the hassle of getting dragged into anything; frankly it caused enough hassle last time I got a threatening letter disputing my right to the domain, even though I have had it registered since the mid 90s, for me to consider shutting the service down. Thankfully the reply of "gtfo its my surname kind regards Mr chubb" saw that one off at the pass...

    3. phuzz Silver badge
      Trollface

      1) Find a friendly sysadmin at Chubb.

      2) Get network access.

      3) Set every wrongly addressed email to be printed out on the head of IT's printer.

      That should get the problem solved quickly ;)

      1. Fatman

        A better idea

"3) Set every wrongly addressed email to be printed out on the head of IT's CEO's printer."

        FTFY

      2. Alan Brown Silver badge

        "Set every wrongly addressed email to be printed out on the head of IT's printer."

        No. It's best if it gets printed out on the _REGULATOR'S_ printer.

    4. iron
      Facepalm

Having worked in an office next to the local Chubb Fire Security division, none of this surprises me. I had regular arguments with them about which air con control was for their office and which was for my office. I used to work in their office but they still would not believe me, despite my demonstrating that the AC on which they were turning the temperature up was not blowing any air into their office.

    5. LeahroyNake

      Or you could

Just turn off the catch-all and let them deal with the NDRs?

      You would think someone would realise sooner or later.

      1. chuBb.

        Re: Or you could

I could, but as I mentioned I mainly use the domain for family email addresses, and as I'm extended-family tech support (wearing the "I will not fix your computer" t-shirt to family gatherings didn't have the intended effect) it's much easier to find missing emails for great aunty Doris whose fat-fingered friends have forwarded some chod to drois@....

    6. DarkwavePunk

      Chubb insurance are not the same as the Chubb locks etc... as far as I recall. I worked for the former on a short contract many years ago and vaguely remember being mildly confused then.

  6. Prst. V.Jeltz Silver badge
    Coat

OK,

    20 points for spotting a "jail the directors" post,

    10 for a "when the fines reflect the crime"

    5 for a "they will never learn "

    5 for "ICO has no balls"

    bonus points to anyone posting anything new and/or interesting

    1. Kez

      'anging's too good fer 'em

  7. adam payne

    "Unfortunately," said one Reg reader who asked to remain anonymous, "they printed the mail shot double-sided - so one person's letter was on one side, and somebody else's was on the other."

So no one noticed that there were fewer letters than there should have been!?!

    1. Prst. V.Jeltz Silver badge

Exactly,

you'd think after letter #1, both sides would be going to the wrong customer, and at the end of the run, lots of envelopes left over.

      1. mj.jam

        I assume they use envelopes with windows, so they don't have to do a second printing. All automated so the letter gets folded and the address on the front shows through. But they would have quite a lot of envelopes left unused.

      2. andy gibson

        "Hey boss, we've done the mailshot you wanted. And we saved the company loads, we only needed half the envelopes you bought"

    2. Anonymous Coward

      Nah, the person responsible for the screw up will have got congratulated for coming in under budget on the mailings.

    3. Steve Aubrey

      I think it was a classic off-by-1 error. 2-page letter that they started on side 2 instead of side 1. That's a guess - no inside knowledge.

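The thread above turns on one mechanical fact: a duplex printer pairs consecutive pages onto one sheet, so an odd-length letter pushes the next customer's first page onto its back (the "off-by-1" Steve Aubrey guesses at). The following is an added example, not code from the article or from Chubb's mailing system, showing the imposition step that guards against this: each letter is padded to an even page count before the run is laid out, and a pre-flight check flags any sheet whose two faces belong to different customers. The `Letter` and `Sheet` types, the customer identifiers and the sample run are all constructed for this illustration.

```python
"""Duplex imposition guard: pad each letter to an even page count so no
physical sheet ever carries two customers' pages, plus a pre-flight
check that reports mixed sheets before anything goes to the printer."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

Face = Tuple[str, str]  # (customer_id, page_text)


@dataclass
class Letter:
    customer_id: str      # hypothetical identifier, constructed for this example
    pages: List[str]      # rendered page contents, one string per page


@dataclass
class Sheet:
    front: Face
    back: Optional[Face]  # None when the reverse of the sheet is blank


BLANK = "This page is intentionally left blank"


def pad_for_duplex(letter: Letter) -> List[str]:
    """Return the letter's pages padded to an even count, so a duplex
    printer never spills the next customer's first page onto its back."""
    pages = list(letter.pages)
    if len(pages) % 2:
        pages.append(BLANK)
    return pages


def impose_duplex(letters: List[Letter], pad: bool = True) -> List[Sheet]:
    """Lay the run out as physical sheets: consecutive pages of the print
    stream become the front and back of one sheet, exactly as the printer
    would pair them."""
    stream: List[Face] = []
    for letter in letters:
        pages = pad_for_duplex(letter) if pad else letter.pages
        stream.extend((letter.customer_id, p) for p in pages)
    sheets: List[Sheet] = []
    for i in range(0, len(stream), 2):
        back = stream[i + 1] if i + 1 < len(stream) else None
        sheets.append(Sheet(front=stream[i], back=back))
    return sheets


def mixed_sheets(sheets: List[Sheet]) -> List[Sheet]:
    """Pre-flight check: every sheet whose two faces name different
    customers is a data leak waiting to be put in an envelope."""
    return [s for s in sheets if s.back is not None and s.back[0] != s.front[0]]


# Constructed sample run: one-page, two-page and one-page letters.
SAMPLE_RUN = [
    Letter("C-0001", ["Dear A. Example, your policy wording has changed ..."]),
    Letter("C-0002", ["Dear B. Example, your policy wording has changed ...",
                      "Page 2 of 2"]),
    Letter("C-0003", ["Dear C. Example, your policy wording has changed ..."]),
]


if __name__ == "__main__":
    unpadded = mixed_sheets(impose_duplex(SAMPLE_RUN, pad=False))
    padded = mixed_sheets(impose_duplex(SAMPLE_RUN, pad=True))
    print(f"unpadded run: {len(unpadded)} sheet(s) mix customers")
    print(f"padded run:   {len(padded)} sheet(s) mix customers")
```

Run without padding, the sample reproduces the failure the commenters describe: the back of customer C-0001's sheet is customer C-0002's first page, and the fault then propagates to every following sheet. With padding, the run costs one extra blank side per odd-length letter and the check returns nothing.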
  8. Doctor Syntax Silver badge

For all companies who have a balls-up, here's an example of how to communicate with your users afterwards: https://hacks.mozilla.org/2019/05/technical-details-on-the-recent-firefox-add-on-outage/

    1. J. Cook Silver badge

      That's actually a pretty good executive level summary of how certificate chains work, how they break, and how they are fixed.

  9. Anonymous Coward

    Clear text

    If it's in the mail, in clear text, is it secure at all?

    not in my opinion.

    1. hayzoos

      Re: Clear text

There are levels of security for items mailed. The lowest is a postcard, then a plain envelope, then a security envelope, then add a security insert, then a double envelope with the inner one security-sealed; the possibilities are endless before you even upgrade the trustworthiness of the carrier. Things were sent securely before they were digital.

      This mail run should have used the security envelope. I say should because even things which were secured prior to PCs on every desk are now not and not just in the PCs.

      I have received a piece of mail which should have been in a security envelope but wasn't... It was the information I needed to login to the secure patient portal being sent via a separate channel for security. It had the password and username and patient name and URL of the portal all in a plain windowed envelope. I complained to all the right places but to no avail. They are now seeing the advantages of going digital but still getting it wrong. By security policy, they now are rejecting access from VPN. So now I am forced to choose the digital equivalent of the plain windowed envelope or the actual plain windowed envelope.

  10. spold Silver badge

    Let's make it logical....

    ...had a client that had similar problems, not because of the paper option, but because the programmer did not clear variables properly between items, so any fields on the next person details that were blank inherited the data from the last person...

    1. Anonymous Coward

      Re: Let's make it logical....

      Portland OR, circa 1999 -- I was that programmer.
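spold's comment above describes a different route to the same leak: the merge loop reused one working record across customers, so any field the current record left blank kept the previous customer's value. The following is an added example, not code from the article or from any commenter's client, that puts that carry-over bug beside its fix and adds the check a practitioner would run over a merged batch before printing. The field names, the `RAW_RECORDS` sample and the function names are constructed for this illustration.

```python
"""Stale-field carry-over in a mail-merge loop, beside the fix and a
batch check that detects values leaking from one record into the next."""
from typing import Dict, List, Tuple

FIELDS = ("name", "address", "policy_no")

# Constructed input: the second record has no address in the source data.
RAW_RECORDS: List[Dict[str, str]] = [
    {"name": "A. Example", "address": "1 High St", "policy_no": "P-0001"},
    {"name": "B. Example", "policy_no": "P-0002"},
    {"name": "C. Example", "address": "3 High St", "policy_no": "P-0003"},
]


def merge_buggy(raw_records: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """One working dict is reused for the whole run, as in the comment above:
    a field absent from the current record silently keeps the last value."""
    current: Dict[str, str] = {}
    merged = []
    for raw in raw_records:
        for field in FIELDS:
            if field in raw:          # only present fields are overwritten
                current[field] = raw[field]
        merged.append(dict(current))  # snapshot handed to the printer
    return merged


def merge_fixed(raw_records: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """A fresh record is built per customer; a missing field stays blank."""
    return [{field: raw.get(field, "") for field in FIELDS} for raw in raw_records]


def cross_record_leaks(merged: List[Dict[str, str]],
                       raw_records: List[Dict[str, str]]) -> List[Tuple[int, str, str]]:
    """Batch check: a non-empty merged field with no counterpart in its own
    source record can only have come from another customer's data."""
    leaks = []
    for idx, (out, raw) in enumerate(zip(merged, raw_records)):
        for field in FIELDS:
            if field not in raw and out.get(field):
                leaks.append((idx, field, out[field]))
    return leaks


if __name__ == "__main__":
    print("buggy merge leaks:", cross_record_leaks(merge_buggy(RAW_RECORDS), RAW_RECORDS))
    print("fixed merge leaks:", cross_record_leaks(merge_fixed(RAW_RECORDS), RAW_RECORDS))
```

The check is cheap enough to run on every batch, and it catches the bug regardless of which field goes blank, because it compares each output against its own source record rather than looking for a specific symptom.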

  11. 100113.1537

    Saving the world...

    Their printers are all set to print double-sided by default so they can save paper.

    1. harmjschoonhoven

      Re: Saving the world...

      That is why I love pages printed at least at one side with:

      This page is intentionally left blank

      Copyright <Month> <year> CONFIDENTIAL

  12. TrumpSlurp the Troll
    Facepalm

    Done that myself - Adobe

    For my sins I occasionally use Adobe to print PDF files.

    I have a double sided printer.

    I recently discovered that if I do a print run of 20 one page single sided documents it helpfully saves paper by printing double sided.

    You have to set it to single sided printing in the printer properties.

    Still, Adobe.........
