back to article T-Mobile slip exposes 1,100 punters' email addresses

Subscribers to T-Mobile's Hothouse - a focus group-like mailing list - got an added benefit this morning: the email addresses of everyone else on the list. The gaffe was swiftly followed by an apology and a request to delete the offending information. The mistake was a failure to use our old friend Blind Carbon Copy (BCC) by …

COMMENTS

This topic is closed for new posts.
  1. Stuart Moore
    Facepalm

    Fix in software?

    I'm surprised that most mailservers don't have a setting so that if you're sending to more than e.g. 20 people in the To/CC line, it sends you back something saying "Are you sure? Click here to continue". Certainly would save a lot of red faces...

    1. The Original Steve

      There is

      Rule based filters such as MailMarshal will do it.

      1. Anonymous Coward
        Anonymous Coward

        Or you could...

        ... use (insert list of suitable buzzwords here) pre-existing software called a "mailing list manager". There's several free ones, as well as various commercial and "managed" solutions. It's the sort of thing you should ask your systems administrator to provision instead of muddling along with your proprietary messaging client with spreadsheet integration, though. And if this props up a service the company is making money with, then a bit of automation and fool-proofing isn't bad, no?

    2. Captain Scarlet Silver badge

      Re: Fix in software?

      In regards newsletters I prefer marketing use professional companies as the majority of company email systems are setup for internal use and not external use (Previously using very restrictive email rules I know users don't care and feel any rule applied is unreasonable). Obviously then if anything goes wrong you can also blame them.

    3. ElNumbre
      Thumb Up

      Re: Fix in software?

      I seem to remember that it was a on option on the SMTP relay connector when I did my Exchange 2003 training back in err, 2003. I can't speak for any other software, but yes, it is feasible.

  2. Anonymous Coward
    Anonymous Coward

    bcc?

    A lot of the time bcc field will be displayed in the header, so not a very good solution either.

    1. Lee Dowling Silver badge

      Re: bcc?

      I've never seen that on a working mail server or client, but I'd be throwing it in the junk pile if it ever did such a thing.

      I suppose there's nothing to a stop a mailer leaking that info but, come on, use some decent software. BCC has the B for one, sole, primary reason - so that NOBODY KNOWS who else you sent it to but the mailserver. Any piece of software that pushes the BCC data into the email or headers should have been consigned to the scrapheap years ago.

    2. Bonce

      Re: bcc?

      [Citation needed]

    3. Ben Tasker
      Joke

      Re: bcc?

      A lot of the time bcc field will be displayed in the header, so not a very good solution either.

      Stop using Exchange then!

  3. Anonymous Coward
    Anonymous Coward

    "recall" attempts

    Another office drone bitten by false promises made by (deliberately) email-incompatible "office collaboration solutions". Major black marks for a specialist company letting slip not actually possessing relevant domain-specific specialist knowledge.

    On another note, who's on that list then? Rag hacks and channel wonks? Other kinds of suit-wearing monkey? Or what does constitute a "focus group" these days?

    1. ElNumbre
      Joke

      Re: "recall" attempts

      My name is on the list.

      (Don't tell him Pike).

      In all honesty, I probably wouldn't have noticed if they hadn't tried the recall option.

      <jk>However, I am wondering how much an unscrupulous phone retailer might offer for a list of tmo customers.</jk>

  4. Anonymous Coward
    Anonymous Coward

    Didn't someone tell them

    Recall only works for receipients on Exchange mail servers in the same domain where the mail has not been opened.

  5. jeremyjh
    Facepalm

    Use a proper campaign emailer

    Using a proper mailing list manager would definitely have been a good idea.

    My day job involves emailing up to 65,000 people at a time. Yes, these are people who have intentionally opted in to receive the information concerned.

    We've been using our (hosted) provider for a year and a bit. In that time, I've sent 6,000 blank emails and a couple with broken links. These were embarrassing, but at no point did someone get a big bunch of data about other people. What surprises me is that an organisation on the scale of Everything Everywhere hasn't got both access to a proper mailing list manager and adequate rules about using it.

    A south-west London branch of the budget wing of a massive French hotel chain did this to me not so long ago. It was tempting to cc the ICO into the reply...

  6. Fibbles

    Recalling Emails

    Quick, close the stable doors! The horses have escaped!

  7. Anonymous Coward
    Anonymous Coward

    Hire a real Tech

    That author had never heard of: LISTSERV, Mailman, or RSS.

  8. Alan W. Rateliff, II
    Paris Hilton

    Reg did it, too...

    Yeah, T-Mobile are definitely not the first, or last, to perpetrate this. El Reg did it earlier this year. tsk tsk tsk I hardly think Ms. Bee would have approved nor let the event go unpunished.

    Paris, Ms. Bee does NOT approve.

  9. Henry Wertz 1 Gold badge
    FAIL

    Recall? Fail

    Sending with "To" instead of BCC? Pretty bad but whatever. Recall? What a fail, obviously these people don't have a clue how E-Mail works. Clue: E-Mail does not have a recall option.

This topic is closed for new posts.

Other stories you might like