Experts Reacted On News That Micropayments Company Coil Exposed Hundreds Of Customer Email Addresses

Micropayments company Coil has emailed users its new privacy policy but, in error, put hundreds of their users’ email addresses in the “To:” field – breaching their privacy.

Coil has become aware of the incident and sent an apology email with a subject line “Please forgive us”.

More on that story here: https://www.theregister.com/2020/11/17/coil_email_data_breach/

Subscribe
Notify of
guest
1 Expert Comment
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Ilia Kolochenko
Ilia Kolochenko , Founder and CEO
InfoSec Expert
November 17, 2020 2:24 pm

I think security risks stemming from this particular incident are from low to zero. Emails, abstracted from other PII that was reportedly not affected in any manner, are of no value for cybercriminals who enjoy billions of compromised records with full stacks of highly sensitive data being accessible on the Dark Web. Moreover, emails can frequently be found on Google or even at corporate websites. Furthermore, given that the emails are only disclosed among a limited number of the affected users, it is unlikely any regulators will have strong enough interest to intervene and are more likely to issue a warning at best. Likewise, victims will highly unlikely have an actionable legal claim under the circumstances, even less likely to monetary compensation.

Obviously, the surrounding context of this regrettable incident is pretty unusual and embarrassing but no one is immune from human error. Probably, many of the affected people were working or supporting an organization that had committed a similar mistake in the past: there is nothing you can do to entirely eliminate the human factor. I do understand the rage of the affected users, however, any propagation of the disclosed emails to third parties or share them in social networks may trigger legal ramifications for them. I think the company and the affected users will find a mutually acceptable settlement soon and turn the page.

Last edited 1 year ago by Ilia Kolochenko
Information Security Buzz
1
0
Would love your thoughts, please comment.x
()
x