Sign in / up

back to article Law firm email blunder exposes Church of England abuse victim details

A London law firm leaked the details of nearly 200 people who requested to receive updates about the redress scheme set up for victims of abuse at the hands of the Church of England (CoE). MoD ministry of defence UK's Ministry of Defence pins hopes on AI to stop the next massive email blunder READ MORE City firm Kennedys Law …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. b0llchit Silver badge
    Mushroom

    Hide and hide some more to hide it all

    While there have been important improvements in child protection practice, the Church of England still has more to do to rebuild the trust of victims and survivors. Some internal past case reviews were flawed and inaccurate, and there was a tendency to minimise offending.

    That little admission says it all. There is no real interest in cleaning up the mess they created and allowed to flourish and fester for centuries. The whole organisation should be banned as a criminal organisation and all their assets seized, converted to cash and distributed to the poor. They have been involved in institutionalized crime for many hundreds of years and they really, really, do not want to change. Other organisations have been banned for less.

    20 4 Reply
    1. VoiceOfTruth Silver badge
      Reply Icon

      Re: Hide and hide some more to hide it all

      >> The whole organisation should be banned as a criminal organisation

      Some self-appointed group of nonentities call themselves 'clerics', and use that as an excuse for all kinds of abuse. $GOD works in mysterious ways, is the old get out of jail free card.

      12 4 Reply
      1. Fazal Majid
        Reply Icon

        Re: Hide and hide some more to hide it all

        Sadly, in the UK, a country with neither a proper constitution, a bill of rights, spearation of church and state or an independent judiciary, they act as agents of the state, which they are as the established church.

        1 3 Reply
  2. Doctor Syntax Silver badge

    A law firm should know better. It should ensure its staff know better. It should have mechanisms in place that don't rely on staff knowing better.

    21 1 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      This is not a whoops I made a boo boo !!!

      A law firm should know better and MUST know that you cannot get away with a 'Whoops sorry !!!'.

      This sort of error is so basic that it is nothing more than some form of negligence.

      I hope the people who are now impacted by this 'go for the throat' as far as this law firm is concerned.

      I have worked with many law firms in an IT capacity and they are usually very very focused on security/privacy and I had to go through many hoops before they would trust the company and its staff.

      This is really bad !!!

      :)

      14 0 Reply
    2. Tom66
      Reply Icon

      If you put more than 25 emails in 'cc' Outlook (and other email software) asks if you are sure about that. Kind of bonkers this can happen and points to a complete lack of staff knowledge of IT... which is probably about right for a law firm I guess.

      7 0 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        FFS ... this is not acceptable !!!

        "... points to a complete lack of staff knowledge of IT... which is probably about right for a law firm I guess."

        This was true 20-30 years ago ... BUT now should be considered 100% unacceptable !!!

        All law firms should have learnt, by now, that you cannot be slapdash with security/privacy ... there are no excuses available.

        People are charged for the partners to be doing the work NOT the office juniors, so spend some of the money on proper training and basic security.

        This makes me very angry as it is basic stuff that has been covered multiple times over the years.

        :)

        5 0 Reply
        1. nonpc
          Reply Icon

          Re: FFS ... this is not acceptable !!!

          They should have some form of data loss prevention firewall which should trap this anyway. Does the Outlook recipient count check work with mailing list groups (does it expand these and count them before sending)?

          I narrowly escaped a job in IT for an American law firm a couple of decades ago...

          0 0 Reply
  3. Aladdin Sane Silver badge
    Flame

    Another day

    Another data breach fuck up.

    9 0 Reply
    1. Woodnag
      Reply Icon

      Re: Another day

      A fool failing to use BCC in a mailshot is not a breach.

      1 7 Reply
      1. David Hicklin Silver badge
        Reply Icon

        Re: Another day

        Its still a fuck up!

        4 0 Reply
        1. Woodnag
          Reply Icon

          Re: Another day

          That it is. As others have pointed out, preventable at the system level too.

          0 0 Reply
      2. Aladdin Sane Silver badge
        Reply Icon
        Facepalm

        Re: Another day

        GDPR Article 4(12): ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;

        TL;DR, you're wrong.

        5 0 Reply
  4. Maurice Mynah
    Facepalm

    Hidden figures at the MoD

    The ICO says it warned the MoD about hidden tabs in spreadsheets, but that didn't stop them sending "the most expensive email in history" (BBC reports today about the Afghan debacle).

    During the investigations, the MoD and ICO had secret meetings where "Written notes were forbidden". You couldn't make it up, could you - like Dad's Army with taxpayer's money (£850M).

    7 0 Reply
  5. JimmyPage Silver badge
    FAIL

    It said it made attempts to recall the emails,

    It amazes me how many people struggle to understand how this never ever works.

    I wonder if I could setup a business rinsing marks for "recalling emails" - it's a professional service.

    12 0 Reply
    1. Woodnag
      Reply Icon

      Re: It said it made attempts to recall the emails,

      It more or less works if sender and all recipients are on the same outlook server... but ever under that perfect circumstance, if a recipient forwards the email before the recall, the recall is pooched. Recall just starts the Streisand Effect. Oooh, recalled... what's embarrasing here?

      6 0 Reply
  6. Flocke Kroes Silver badge

    "Church of England still has more to do to rebuild the trust ..."

    In terms of security, "trusted" means someone who can betray you. If the Church of England is doing nothing to rebuild trust then I applaud their inactivity.

    One of the things I hated is school was sitting through collective worship in the morning. Just being there could have contributed to convincing others that religion has some sort of legitimacy. Its turns out I might of had the legal right to simply walk away and wait outside. No-one mentioned the option. In the sixth form I did not turn up for collective worship at all. I just did some homework elsewhere and no-one complained.

    The house of lords is taking a step in the right direction. I hope they can change things for the better.

    2 1 Reply
    1. Fazal Majid
      Reply Icon

      Re: "Church of England still has more to do to rebuild the trust ..."

      The current government has promised to rid the Lords of its hereditary peers, but has not moved to kick out the lords spiritual, so no, that half-measure is mere window-dressing.

      3 1 Reply
    2. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: "Church of England still has more to do to rebuild the trust ..."

      When I was a kid at school in the 60s we had to sing “God save the Queen” at morning assembly.

      Two kids from the same family had an exemption. They were open atheists, very rare back then.

      At the time of singing, the two kids were made to leave the group and stand 20 paces away.

      It was both compliance with their parent’s request and a way for the Headmaster to “out” or punish them in front of their peers.

      My tactic was to just change the words I sung.

      “God save our bikkie tin, don’t let the ants get it….”

      2 0 Reply
      1. nonpc
        Reply Icon

        Re: "Church of England still has more to do to rebuild the trust ..."

        The Saesneg version of the Welsh national anthem

        My hen laid a haddock on top of a tree,

        Glad barks and centurions throw dogs in the sea,

        My guru asked Elvis and brandished Dan’s flan,

        Don’s muddy bog’s blocked up with sand.

        Dad, Dad! Why don’t you oil Aunty Glad?

        When oars appear, on beer bottle pies,

        Oh butter the hens as they fly.

        0 0 Reply
  7. Brave Coward Bronze badge

    A business rinsing marks for "recalling emails"

    That's a great idea.

    But be sure to stress how these recollected emails would be incinerated in a responsible, sustainable and carbon-neutral way in your corporate advertisements!

    4 0 Reply
    1. b0llchit Silver badge
      Reply Icon
      Coat

      Re: A business rinsing marks for "recalling emails"

      I want my photons and electrons back!

      0 0 Reply
    2. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: A business rinsing marks for "recalling emails"

      Don't forget to throw in ... Blockchain & 'AI' as well !!!

      [Save 'post quantum decryption risks' for the final pitch when you get the mark Customer to sign the 5-year contract.

      :)

      1 0 Reply
  8. Anonymous Coward
    Anonymous Coward

    Does the jury believe that the same law firm would accept claims made against it that it might consider (but not proven) to be defamatory as just something the writer could say "oops, sorry" and they say "ok your apology is noted"

    Even before the nature of the information they carelessly handled.

    They deserve termination from the register if they cannot deal with simple affairs.

    3 0 Reply
  9. DS999 Silver badge
    Alert

    Email clients could and SHOULD address this

    If you have a list of more than say 25 To: and Cc: recipients it could pop up a warning about the large number of unblinded recipients and ask for confirmation before proceeding. It could be made smart enough to remember that you OK'ed it so subsequent replies to the same thread with the same set of recipients wouldn't require new confirmation. It could be an adjustable limit, so corporations could configure that number to their needs.

    Having one extra step requiring confirmation - similar to the warning I see from my email client when I use the word "attach" in some way and don't include an attachment - would avoid a lot of these messes, which typically involve hundreds or thousands of names and email addresses being exposed.

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like