Verizon Exposes the Wrong 1,200 Email Addresses 94
netbuzz writes "If you're going to market your expertise by inviting 1,200 IT professionals to a seminar about securing data and protecting personal information, it's probably a good idea to protect the personal information of those you invite. On Tuesday, Verizon forgot that advice and blasted each of the 1,200 email addresses to everyone on the list ... and they did it 17 times."
Blunder (Score:5, Insightful)
Whenever email scripts have too many recipients, they do tend to refresh and try again, which can cause dupes. These addresses were likely supposed to be in the BCC field, or nonexistent (duh). So it was a mistake.
That's an embarassing blunder, to hold a seminar on keeping private info secure and then spamming who is attending the seminar. I wonder how much time they will spend on that blunder, explaining how it can happen to anyone, even the mighty Verizon, but this foolishness will not strengthen Verizon's sales pitch.
Spammers attend these conferences. Now spammers have known email addresses of everyone there.
This would only make a difference if spammers made money based on sending targeted email. They don't. They make money based on volume of addresses when a shady merchant pays them. So maybe they could make $25 on this list?
Apart from making one person in Verizon look stupid, this also enforces the theory that it only takes one idiot to... the whole internet.
Title is Misleading (Score:5, Insightful)
/bad title?
Re:Title is Misleading (Score:4, Insightful)
Sometimes you can get away with doing something stupid because nobody notices.
This was not one of those times.
Re:Title is Misleading (Score:4, Insightful)
Re:Title is Misleading (Score:5, Insightful)
It's not that Verizon exposed "the wrong" 1200 emails, it's that Verizon exposed any email addresses at all.
If ever there was a worst-case-scenario set of 1200 email addresses, this list was it.
Re:Title is Misleading (Score:3, Insightful)
Just more of the same from Verizon (Score:3, Insightful)
Note that their cell phone business is completely separate from the rest of the morons. Neither business unit talks to each other and neither knows what the other is doing. If the wireless side of the business had any brains they would split off and change names. Verizon is associated with incompetence and greed.
Re:Title is Misleading (Score:5, Insightful)
Yes and no. In terms of potential harm done, these people are much more equipped than your average person to be able to mitigate this fuck up.
On the other hand, if there was ever a subsection of people who you donn't want to piss off in this regard....
I think it's awesome. (Score:2, Insightful)
Maybe now we can have secure, authenticated email.
It's only laziness and the lack of any security mandates that prevents us from having decent email.
Re:I know this is /. and all... (Score:5, Insightful)
Except that there is absolutely nothing to distinguish some clerical errors and actual security issues. If information is leaked by clerical error, it's leaked just as effectively as if it were hacked out of an on-line database through cross-site scripting. Maybe more effectively.
Re:I think it's awesome. (Score:3, Insightful)
I'm sure the lack of any authenticating authority doesn't make it any easier.
Re:Blunder (Score:3, Insightful)
Re:Title is Misleading (Score:2, Insightful)
That doesn't seem like the wrong van. Seems a reasonably high value score for robbing a van. They weren't caught (at least when that article was written) after all.
What a coinsidence - bandwidth.com - same today (Score:2, Insightful)
Some bandwidth.com representative sent an email to 1,300 of their customers this morning. The reply list was so big it crashed Evolution when opened.
One interesting thing about the event was that a great discussion raised from it. Customer's were bouncing ideas off each other, asking what their different configurations were, etc. Some were whining about the service or complaining that we should stop spamming them.
Then, shortly afterward, in the middle of some pretty decent discussion - the CEO of Bandwidth.com sends out an email saying that people are fired, they care about security blah blah..
What this guy failed to do was seize the moment and take the opportunity to start a blog or forum to keep the discussion going..Instead, he fired some poor schmuck(s) over an error that could of happened to anyone.
What about actually addressing some of the concerns and ideas that were brought up?
Just bad leadership from that guy - I would love his job.