Between 8:58 and 10:20 BST this morning we sent an email to 3,521 of you that contained the names and email addresses of 46,524 of our readers. Obviously, this was an error. The two-stage send process that is the norm for all of our mailers was over-looked because someone was in a hurry. We would like to offer our genuine and …
You mean where they immediately and publicly admit to the error? As opposed to most of the places they report on who do their damndest tp cover the error up?
Nobody's perfect. It's how you deal with the imperfections that counts.
Exposing 46,500 odd peoples email addresses to spam and/or gawd knows what else, for something that is not their fault. Way to go.
Re: Posting the list to pastebin as we speak..
Assuming you're not just being humorous, remember that whilst you may be 'anonymous' here, the site probably knows a little more about you. And whilst El Reg can claim accidental disclosure, your actions are deliberate.
In other words, don't be an idiot.
Whose medicine exactly?
I must have missed the Reg articles where they boasted of uploading files to torrent sites. Twat.
My God - What a prick you are.
My father passed on very little to me, but he had an office policy. Everyone makes mistakes, learn from them and never hide them. He'd always give a mistake maker a second chance but finding an error was hidden made raining hellfire and brimstone quite pleasant by comparison.
I can see it's been posted on Pastebin.com already. What a nub!
You nasty man (@Pastebin A/C)
I hope your actions are illegal and I hope you get reported by the Reg, who most certainly know who you are. They screwed up and admitted it; you're just being a malicious little toad.
May the fleas of a thousand camels infest your crotch.
Shame to feed the troll but
You dickfaced cunting wankbag. I'm not often driven to posting obscenities on the internet, but I'll make an exception for you.
The beer's for me, I need to calm down again.
Hmm - and do you know for sure El Reg cannot see your login details?
Re: Posting the list to pastebin as we speak..
I'd say he was joking/trolling.
No sign of that list at pastebin (yet), I've checked.
Cease and desist your pompous tirade. OK, they screwed up. Everyone eats crow from time to time. OK, Reg. police thyself........
I didn't know I had a son called Philip, but that's always been my policy. There were only ever two meetings: "Do you know what you did wrong? Well, don't do it again," and, "You did it again. The door is over there, you'll be using it once more as you leave."
Oh noes! Everyone has my fictitious name and disposable email address.
PS Reg, on the very naughty step with you!
Dear Armitage Shanks,
Buy high quality porcelain toilets, low cost and fast shipping!
Chinese industry spammer
I already know who you are.
@"fictitious name and disposable email address"
I do wonder how much longer it will be before state data mining can associate disposable email addresses with real people. For example, I know for a fact the state has been able to identify people on Facebook for a few years now, including finding their phone number when their phone number isn't given out on Facebook and that includes knowing their email addresses and everyone they contact.
I think this variation on the idea of security through obscurity, of in this case, disposable email addresses, is becoming increasingly less likely to work.
The state through the endless guise of the perpetual war on terror wants to know everyones political thoughts to find the terrorists among us and that means finding and accumulating the political thoughts of everyone. Terrorists after all are the most extreme political dissidents but then all of us who simply hate the corrupt lying arrogance of the governments and banks are by definition a political dissident, as in disagreeing or dissenting, with the state opinions which they arrogantly hold to.
Plus more than a few of us show our free thinking dissent of the government on sites like The Register, so the state would happily add and collect email lists from sites such as this, (if they could get them). More educated free thinkers are after all, historically some of the first political dissenters of each generation of governments because they don't blindly follow what they are told. Therefore governments would secretly happily want lists of email addresses from sites with higher percentages of free thinkers and sure there will be a lot of false positives from any list, but that false positive reduces over time as more data becomes available from ever more sources cross referencing with the accumulating data, so its a continuing process of accumulating ever more information to increasingly highlight the degree of political dissent.
It doesn't worry me and frankly I think the government can fuck off with its greed and arrogance at our expense (literally) and I would happily say that to any MP's face. But I do think the whole idea of a fictitious name and disposable email address is becoming increasingly less likely to work and the state will continue to do all it can to expose everyone to it in every way it can. They are determined to do that, not least by continuing to make deals with the bigger companies to find more information on everyone. I just think its inevitable.
Of course as usual, the ignorant and the two faced will deny what I've said. The ignorant continue to fail to learn and the two faced don't want to learn, because they secretly want an ever more controlled state.
For anyone else who doesn't yet know, but does want to see some evidence, check out something called “NarusInsight” e.g. http://en.wikipedia.org/wiki/Narus_(company)#NarusInsight
Also here's some info on the big databases more countries are build on people, e.g.
There's many more examples like this I could give of increasing state database building and increasing state spying on all of us, but I think most of us already know this. So I have to wonder why the myth of "fictitious name and disposable email address" is still perpetuated?. It really can't work for much longer and I very much doubt it works even now.
""fictitious name and disposable email address"
I do wonder how much longer it will be before state data mining can associate disposable email addresses with real people."
If the data truly are fictitious then this ought not to be possible. My registered name and address were selected using common sense techniques, including facilities available online. That doesn't mean 'traceably' and it doesn't mean I fell into the trap of selecting data that I somehow liked or chimed with my personal circumstances and ID. How fortunate, because I am one of the "3,521 individuals".
Interestingly the Register asked me to delete any data I'd wrongfully received, but I don't think I did. However, because I'm mostly unable to spare time for lists and the like I've been deleting all mail apart from that which seemed important; clearly the latter looked that way. A quick check in my password database shows I ought not to worry on my own behalf and I wish the same for others.
Press the unsend button!
unsend button = Best...invention...eva...
I'm just left wondering how many companies will claim they own the patent on this, when someone does actually make this practical on normal mail servers (MS exchange's recall facility not included).
Re: unsend button = Best...invention...eva...
Doesn't the unsend button involve spinning up the Goldeneye satellite, though?
> You only need one person out of the 3,512 people to be a shit. And to be honest, that's quite likely :)
These are Reg readers, expect something more original than that!
Thank goodness I only gave you my garbage (see HotMail) email account. At least you didn't post my password, which is unique to this site and highly secure (note to self, must change password - probably add a 1 on the end. Yeah, that'll do it)
and from email@example.com
says it all ...
When will you be sending it out the the remaining 43,003
It's only fair.
My faith in humanity has hit rock bottom*
1). Is the number 46,524 all of your users, or is it a selection of the users?
2). How do we know if we were included in the list?
* Well, what little I had left.
I did post earlier that someone wasn't in the list I received, but it occurs to me now that this list is probably compiled from real name fields, and that your comment handles may well be (and it seems, often are) different from the name you input, so I will shut my trap and let El Reg answer from here on in.
Re My Alter Ego
Re (2) - tell you what; you send me your email address and I'll tell you if it's on the list they sent me ;-)
On point number 2
I would say that the fact that I haven't yet recieved a mail from El Reg today could mean that my address was inserted into the content rather than the Recipient field!
Can anyone at Vulture Towers who knows what went wrong give me some reassurance that I'm mistaken?
Yes; that was what I was wondering; should I assume my email is compromised?
It's not a huge issue to me (spammers have it already) but it would be nice to know. Will you be doing due-diligence and informing all those who have had their mail exposed?
The emails are in plain text in the body of the message.
Definitely not what one expects to find in the <emails to ancient account box> in the morning.
1) It's a selection of users, the ones who have at some point opted-in to receive events-related marketing mail from us.
2) If you're affected, you'll get a message shortly to say your details were leaked.
Just checked and "Owen Carter" is not on the list. The list was supposed to be for a "cloud" webinar so probably not all Reg readers where included.
For me however... looks like I'll find out just how good my anti-spam filter is :-(
"Is the number 46,524 all of your users"
As of this moment in time it seems the last registered person was called ashR and he was user 54159
"Frankie" has the honour of being user number 1
If you didn't see this, probably not...
Well I got an email telling me I was on the list - lets see if it gets past the meoderators:
This morning the name and email address you used to register for The
Register was mistakenly sent to 3,521 individuals, also readers of
We've contacted them asking them to delete the email and respect your
We are of course terribly sorry for this error and have reported
ourselves to the ICO. Our initial statement is here:
You are free to edit or delete your account details here:
If you have any questions or would just like to rant at us please
send emails to mailto:firstname.lastname@example.org
Just read my own copy of the above email. Ok El Reg this is serious - if I start getting links to hardcore pornography or invitations from young ladies in my area who are 'up for it' then I will, er, hang on a mo, then I will, um, look I am bit busy right now let me get back to you Ok?
Kinda split on this - half amused because it's you guys, but also as unimpressed as I would be by anyone else chucking my info around. I did get a copy, and it looks like someone pasted a big CC set in the wrong field and then didn't proof-read anything... Can we get a "rolling my eyes" icon?
Did decide to have a shuftie through the list for rude words and spambots, just because I'm a sad shit.
Didn't proof-read anything?
That doesn't sound like the standard operating procedures at el Reg at all!
lucky I signed with a secondary email conceived only for transient signs ups and to attract spam.
"We are in the process of blowing the whistle on ourselves"
PlayMobil or it didn't happen!
This would make a good start:
But you *will* be informing those who had their emails compromised, won't you?
no, they'll be mailing everyone else by mistake
( BOFH episode 15 )
I admire your honesty
...And prompt announcement that you are human, just like the rest of us.
So many other companies attempt to make themselves look infallible.
Human? I wouldn't go that far
I rather suspect that the Reg staff are emissaries from the planet Vulton, where the Vulture People rule, and are here to enslave us!
I believe that there plan is to post so many ridiculous RoTM stories, like killer loos and such, that we become inured to the news, and don't notice when the killer vulture death robots are landed, and start harvesting us all for meat.
I'm not quite sure how this particular security breach fits in with the plan though.
Perhaps they've decided we're the techno-elite of the world, and this list has been leaked in a transparent attempt to shift the blame when we're all, ruthlessly terminated. Or perhaps it was just a cut 'n' paste error, as they were uploading this targeting list to the robo-death vulture fleet that is attacking at this ver...........
[sound of static]
I'm a bit more cynical
Honesty yes, but necessity born of damage limitation. The mistake would be bound to come to light - so many people know about it - and if the site hadn't put its hand up to it immediately it would have been sunk.
They sent it out to 3500 furrytooths...
...keeping it secret wasn't an option. Fessing up and paying the price was the only possible course of action. And that price is that the Reg is going to have the piss taken out of them for the rest of eternity.
I wouldn't like to be the next Reg staffer who has to write a story about a data escape.
- Twitter: La la la, we have not heard of any NUDE JLaw, Upton SELFIES
- China: You, Microsoft. Office-Windows 'compatibility'. You have 20 days to explain
- Apple to devs: NO slurping users' HEALTH for sale to Dark Powers
- Is that a 64-bit ARM Warrior in your pocket? No, it's MIPS64
- Apple 'fesses up: Rejected from the App Store, dev? THIS is why