14 DAY TRIAL // A customer-service director from a UK Internet service provider called Demon Internet inadvertently mass-emailed the personal details of over 3,600 subscribers. The company was trying to announce the launch of its new online billing system.
Demon Internet is one of the oldest British ISPs, being founded in June of 1992. It is also known for sponsoring some of the most long-time-running IRC servers on networks such as EFnet, IRCnet or QuakeNet and its top-notch technical support.
The Register reports that this latest privacy-breach incident occurred during the morning of September 23, when Demon customers who opted for the e-billing service received an e-mail announcing its availability. The message, signed by Simon Blackburn, the company's director of customer service, was supposed to provide the subscribers with their login credentials for the new system.
Apparently, the e-mail also had a .csv file attached, which contained the usernames and passwords of 3,681 customers, including their names, e-mail addresses and telephone numbers. Additionally, many of the subscribers whose details were exposed by mistake are business customers or government institutions, such as hospitals, local councils and even the New Scotland Yard.
A Demon Internet spokesperson confirmed the incident and said that the company was in the process of changing all login credentials that had been inadvertently leaked. It was also noted that there was at the moment no indication of abuse resulting from this breach and that all affected customers would be notified.
In related news, a British hosting provider called Poundhost made the classic mistake of adding the email addresses of its customers in the CC: field during an email-based marketing campaign. Many of them were not happy that their private addresses were exposed and one client reported receiving spam on his address because of the incident.
"An hour and a quarter later I received an apology from Poundhost, then 30 minutes later I received an email from one of their competitors starting 'Dear Poundhost Customer' and offering me six months free dedicated server hosting," he writes on his blog.