Verizon Plays Fast and Loose with the Wrong 1,200 E-mail Addresses
October 15, 2008
From NetworkWorld: This should be a vendor’s first rule when inviting 1,200 IT pros to a seminar about securing data and protecting personal information: Make sure you protect the personal information of the 1,200 professionals you’re trying to impress.
How did Verizon do in that regard on Tuesday? They failed miserably … and not just once.
In a period of three hours David Williams, technology coordinator for a Texas school district, received 14 e-mails promoting Verizon’s ‘Secure the Information. Secure the Infrastructure’ webinar series, and three e-mails promoting their ’2008 Data Breach Investigations Report Road Show.’
The excessive volume of e-mail wasn’t the half of it, though.
“Considering their content (about data-breach seminars), I thought it very humorous that the TO: field of the e-mails contained over 1,200 e-mail addresses: 17 e-mails times 1,200 addresses equals more than 20,000 chances for leaks.”
Although the possible damage done is not as severe as it could have been in other cases (like “accidentally” exposing government whistle blower’s email addresses) it still had to be annoying as hell for the 1,200 recipients.
Nothing says “We’re highly trained professionals. Trust us with your valuable information” like Cc’ing over 1,200 IT security professionals in one shot.
