Email leaks continue

Filed under: Governance,Privacy,Security — lenand @ 6:42 am

The technique of allocating a unique email address to suppliers was discussed two years ago and Quarkside reported an incident of a company not maintaining privacy of an email address.  That company would not hit the headlines, however my latest example surely would.  This is the story.

I started receiving unsolicited emails from a Big C company. They used an address which I reserved for communications with a Big M Company.  They were not ever given permission for it to be given any third parties.  I asked Big M for the source of Big C obtaining my email address, asking for any evidence that it had been leaked or that I inadvertently given permission to share it.

Understanding the possible reputational damage to Big M, I exchanged half a dozen emails via their internal channels and received no explanation nor apology. Their final stance was for me to report the incident to http://www.actionfraud.com. I did not think it was appropriate as they do not have the resources nor justification to handle such an apparently trivial case.

I also asked Big C for an explanation, who said “Security is very important to us, and we will look into this issue carefully.” Needless to say, I heard nothing.  However, talking to a Big C senior vice president, my advice was to forget all about it.  I would only be regarded as an irritant and would not achieve any satisfaction from any Big company.

Both Big M and Big C should take such complaints more seriously.  If there is a breach of email contact databases, then here is some evidence that might help them to trace the source.  Another possibility is that an employee, present or past, has copied some email addresses for commercial purposes.  In either case, Information Governance processes should lead to an internal investigation, not a hand-off to ActionFraud or a vacuous email address.

Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: