Submitted via IRC for Fnord666
Ad-blocking tool Ghostery suffered from a pretty impressive, self-inflicted screwup Friday when the privacy-minded company accidentally CCed hundreds of its users in an email, revealing their addresses to all recipients.
Fittingly, the inadvertent data exposure came in the form of an email updating Ghostery users about the company's data collection policies. The ad blocker was sending out the message to affirm its commitment to user privacy as the European Union's digital privacy law, known as the General Data Protection Regulation (GDPR), goes into effect.
The email arrived in inboxes with the subject line "Happy GDPR Day — We've got you covered!" In the body of the email, the company informed users, "We at Ghostery hold ourselves to a high standard when it comes to users' privacy, and have implemented measures to reinforce security and ensure compliance with all aspects of this new legislation."
Source: https://gizmodo.com/ad-blocker-ghostery-celebrates-gdpr-day-by-revealing-hu-1826338313
(Score: 3, Funny) by Ethanol-fueled on Sunday May 27 2018, @07:00PM (9 children)
It's an easy mistake to make.
A mildly-amusing true story. A guy at work's wife had a kid and the announcement was emailed to Bostondynamics_everyone. Then came the congratulations, and everybody who had a nice word to say (there were a lot of them) were all hitting reply-all instead of congratulating just the guy. Email slowed considerably, and finally some angry dude sent a mail like "Stop hitting 'reply-all you idiots!"
(Score: 5, Touché) by maxwell demon on Sunday May 27 2018, @07:22PM
Wait, they have a special button to only reply to the idiots? :-)
The Tao of math: The numbers you can count are not the real numbers.
(Score: 2) by requerdanos on Sunday May 27 2018, @07:26PM
That sounds reasonable.
Unless.... Let's step back and get a little perspective.
I respectfully disagree; that actually sounds like it's one of the less easy mistakes one might make.
I am actually kind of curious what mitigation steps ghostery plans to take to remove the likelihood of this happening again.
If violating your privacy is a pretty easy no-biggie mistake for your privacy software vendor, you probably have the wrong vendor looking after your privacy.
(Score: 2) by Gaaark on Sunday May 27 2018, @07:29PM (1 child)
Some angry dude with the initials E-F by chance?
:)
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 1) by Ethanol-fueled on Sunday May 27 2018, @07:54PM
No, I was probably one of those idiots who congratulated and hit reply-all.
(Score: 2) by stretch611 on Sunday May 27 2018, @07:34PM (1 child)
It is an easy mistake to make... for a human.
However, if you have a list the size of theirs and/or are with their recognition, something like probably isn't done by human.
This size of a list should be automated, and this is the reason why developers are supposed to test systems.
This is one of the things that the GDPR tries to stop and they deserve whatever fines are imposed. They have no excuse except their incompetence.
Now with 5 covid vaccine shots/boosters altering my DNA :P
(Score: 0) by Anonymous Coward on Sunday May 27 2018, @07:44PM
Why do you think a human was not involved? The mistake could have occurred this way:
(Score: 3, Informative) by wonkey_monkey on Sunday May 27 2018, @08:59PM
Pretty easy mistake to catch on an outgoing email server, too, surely?
if (email->num_recipients>20) { email->quarantine(); alert_richmond(); }
systemd is Roko's Basilisk
(Score: 3, Interesting) by Mykl on Sunday May 27 2018, @11:47PM
Similar thing happened at a large government department years ago. However, the guy who wrote "Don't reply-all!" in a reply-all was also yelled at by others, writing "Don't tell us not to reply-all in a reply-all you hypocrite!".
Things devolved from there and a few hundred messages later (including messages like "Hi Mom" and "This is fun!" to tens of thousands of recipients), IT shut the entire service down for several hours to put a lid on it.
Your tax dollars at work.
(Score: 2) by FatPhil on Monday May 28 2018, @08:29PM
Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves