One of the UK's biggest bailiff and court enforcement
groups has admitted to unintentionally exposing 600 e-mail
addresses to recipients of a debt-chasing message.
The Marston Group
last week sent a message demanding repayment on behalf of a loan
company, but failed to hide the addresses of all the
recipients.
The Westminster-based group used the standard e-mail addressing
method which allows recipients to see the e-mail addresses of all
other recipients.
The Information Commissioner's Office
(
ICO) said it expected companies sending bulk messages of this
kind to use the blind carbon copy e-mailing method so recipients
are not aware of who else received the message.
The ICO said the subject of the e-mail was sensitive and the
case was a potential breach of the
Data Protection Act.
The Marston Group said the addresses were released by accident
in a test of the e-mail system, according to
BBC
reports.
The company said it was conducting an investigation into the
matter and will take immediate steps to prevent it from happening
again.
Many organisations are behind the times in their management of
information security, said Tony Caine, vice-president of security
firm Borderware.
"Organisations need to take into account all aspects of data
protection. Typically, as we see here, the content and data leaving
an organisation is not protected," he said.
Caine said businesses should not leave security up to staff, but
implement measures to ensure security policies are enforced
automatically.
Email blunders, messaging mishaps and more...