It happens to the best of people...
El Reg in email address blunder (24 Oct 2011)
So, very nearly 10 years on, the same problem keeps on happening. We should not blame the victim, we should blame the software design that allows bungles like this to happen. Both email clients and MTAs should work together to query over-long CC-lists, but I recognise that the technical problem is not easy to solve. Setting up an MTA to refuse to forward an email with more than a set number of CC (or even direct) recipients is easy (deciding the 'set number' isn't), but if an email address is actually a mailing-list address, you can still (embarrassingly) send an email to all the inboxes of an entire organisation with a single entry in the To or CC field.
My email client tells me if I have an empty subject field. It does some pattern matching to ask if I have forgotten an attachment if an email contains certain keywords and lacks an attachment, so I think it is reasonably possible to have a client that warns on a long CC-list. Similarly, an MTA could put an email with a long CC-list in quarantine and send a message back to the sender asking if they are sure it should be sent. Really sensitive stuff could require two separate accounts to agree to release an email from quarantine.
Relying on fallible humans to get it right every time is a recipe for disaster. Lives really are at stake.
NN