Privacy breaches because of mistakenly sending of emails via CC instead of BCC

Discussion in 'privacy problems' started by mood, Aug 6, 2020.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,289
    Metrolinx investigating privacy breach after 2K email addresses of fined riders revealed
    August 5, 2020
    https://globalnews.ca/news/7252617/metrolinx-compliance-services-emails-privacy-breach/
     
  2. shmu26

    shmu26 Registered Member

    Joined:
    Jul 9, 2015
    Posts:
    1,547
    I make this mistake sometimes myself, I put receipients in cc instead of bcc.
    If anyone has a suggestion how to avoid this mistake, I am all ears!
     
  3. RioHN

    RioHN Registered Member

    Joined:
    Mar 14, 2017
    Posts:
    117
    Location:
    Here
    It depends on the email system you use and whether you have individual or business accounts. As an example Office365 for business allows you to create mailflow rules which can be used to force BCC when emailing chosen distribution lists, or when emailing from chosen email accounts in your organisation.
     
  4. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,289
    'Adding insult to injury': another Dfat bungle reveals identities of Australians stranded overseas
    Exclusive: data breach involves email from Australian embassy in Paris to citizens who registered to return home
    October 22, 2020

    https://www.theguardian.com/austral...s-identities-of-australians-stranded-overseas
     
  5. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,372
    I would love to see email providers require a 2-3 digit little "approval PIN" before allowing a cc on my emails. Nothing serious security wise just a reminder flag so you would stop making a stupid/careless move on a transmission. At work we had an Admin Asst send a cc to over 500 folks instead of a bcc. It cost me and others many hours putting the bad PR fire out. It was a disaster for us. That was years ago but I still feel the pain.
     
  6. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,289
    Coil payments platform leaks user emails in 'Privacy Policy' update
    November 17, 2020
    https://www.bleepingcomputer.com/ne...m-leaks-user-emails-in-privacy-policy-update/
     
  7. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,289
    Bristol City Council Data Breach Revealed Names Of Disabled Children
    November 25, 2020
    https://www.silicon.co.uk/e-regulat...-city-council-breach-disabled-children-349140
     
  8. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,289
    Australia’s largest cryptocurrency exchange accidentally exposed the names and emails of 270,000 customers
    December 2, 2020
    https://www.businessinsider.com.au/btc-market-cryptocurrency-privacy-breach-2020-12
     
  9. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,289
    Work and Income privacy breach due to email mistake
    August 10, 2021
    https://www.stuff.co.nz/business/126016164/work-and-income-privacy-breach-due-to-email-mistake
     
  10. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,289
    350 Qld border-pass applicants caught in police privacy breach
    October 10, 2021
    https://www.theage.com.au/national/...in-police-privacy-breach-20211010-p58yp8.html
     
  11. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,426
    Location:
    The Netherlands
    Yes, it's crazy. My mother recently received an email from the hospital with all of the recipient's email addresses that were visible, so either she was an idiot who had never heard of BCC or she made a mistake.
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    15,426
    Location:
    The Netherlands
    BTW, to clarify. It was not my mother who was the idiot, but the hospital employee who sent the email and happened to be female. :p
     
  13. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,289
    NHS Digital exposes hundreds of email addresses after BCC blunder copies in entire invite list to 'Let's talk cyber' event
    October 20, 2021
    https://www.theregister.com/2021/10/20/bcc_fail_nhs_digital/
     
  14. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    43,289
    HIV Scotland fined £10,000 for BCC email blunder identifying names of virus-carriers' patient-advocates
    October 25, 2021
    https://www.theregister.com/2021/10/25/hiv_scotland_email_fail/
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.