Slashdot Mirror

← Back to Stories (view on slashdot.org)

Verizon Exposes the Wrong 1,200 Email Addresses

Posted by timothy on from the but-this-was-the-before-picture dept.

netbuzz writes "If you're going to market your expertise by inviting 1,200 IT professionals to a seminar about securing data and protecting personal information, it's probably a good idea to protect the personal information of those you invite. On Tuesday, Verizon forgot that advice and blasted each of the 1,200 email addresses to everyone on the list ... and they did it 17 times."

3 of 94 comments (clear)

  1. Simple fix: boycot & save time by Alwin+Henseler · · Score: 4, Interesting

    If I were one of those invited, then a thing like this would immediately make me loose interest in whatever they'd have to say. Show in advance you can't do yourself what you're preaching about. Duh!

    I'd just decline the invitation, and spend my time elsewhere (probably more productive). If a majority of the invited folks would do this, the event would be dead in the water. Killed by stupidity of the organization.

  2. Re:Blunder by omega_dk · · Score: 5, Interesting

    That would be insightful, if it were not so clearly wrong. Plenty of spammers target specific individuals; see http://searchcio.techtarget.com/news/article/0,289142,sid182_gci1259674,00.html for a specific example. Now, one could argue that targeting IT professionals would be an exercise in futility. Would you bet your livelihood on it? Would you bet access (possibly high-trust access, depending on how high up this IT professional is) to your company's network on it?

    Because that's what's at stake. It's not a question of sending email selling \/|agra to these people. It's a question of a very specific, highly targeted spam operation with the express purpose of getting access to the networks of these specific individuals, in the hopes that they can provide the access the infiltrator would want to the company as a whole.

    Now, I am not saying that this is a big deal; it's not like these emails wouldn't have been available from some other source than this email list. However, I will say that by completely dismissing an entire segment of spam email, that of targeted emails to specific individuals, you are unnecessarily lulling both yourself and anyone who reads your comment into a false sense of security. Highly targeted spam is a real risk; don't discount it as a very real attack vector. You must be ever vigilant, and I don't think you can be with that kind of attitude.

    --
    Just because you don't like the truth, does not make it false.
  3. Re:Blunder by Obfuscant · · Score: 3, Interesting
    Now, one could argue that targeting IT professionals would be an exercise in futility.

    Similarly, you'd think that spamming "postmaster" or "abuse" at a domain would be futile and wasteful, but I get more spam there than at my actual address.