Community Edition
Total Tests:
This Week:
Today:
Recent Blog Posts
An Ex-Amazon Security Engineer Gets 3 Years In Jail For Hacking And Crypto Theft
April 18, 2024
Hacker Fakes His Own Death To Avoid Child Support Payments
April 11, 2024
ATM Skimming Ring Leader Sentenced To 75 Months In Prison
April 4, 2024
German Authorities Dismantle the Nemezis Market Dark Web Marketplace
March 28, 2024
A Cybercrime Ring Responsible For Hijacking Over 100M Email, Instagram Accounts Dismantled
March 21, 2024
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

ImmuniWebInternational Media Coverage

Experts Reacted On News That Micropayments Company Coil Exposed Hundreds Of Customer Email Addresses

By Ilia Kolochenko for Information Security Buzz
Wednesday, November 18, 2020

Micropayments company Coil has emailed users its new privacy policy but, in error, put hundreds of their users’ email addresses in the “To:” field – breaching their privacy.

Coil has become aware of the incident and sent an apology email with a subject line “Please forgive us”.

Experts Comments

Ilia Kolochenko

I think the company and the affected users will find a mutually acceptable settlement soon and turn the page.

I think security risks stemming from this particular incident are from low to zero. Emails, abstracted from other PII that was reportedly not affected in any manner, are of no value for cybercriminals who enjoy billions of compromised records with full stacks of highly sensitive data being accessible on the Dark Web. Moreover, emails can frequently be found on Google or even at corporate websites. Furthermore, given that the emails are only disclosed among a limited number of the affected users, it is unlikely any regulators will have strong enough interest to intervene and are more likely to issue a warning at best. Likewise, victims will highly unlikely have an actionable legal claim under the circumstances, even less likely to monetary compensation.

Obviously, the surrounding context of this regrettable incident is pretty unusual and embarrassing but no one is immune from human error. Probably, many of the affected people were working or supporting an organization that had committed a similar mistake in the past: there is nothing you can do to entirely eliminate the human factor. I do understand the rage of the affected users, however, any propagation of the disclosed emails to third parties or share them in social networks may trigger legal ramifications for them. I think the company and the affected users will find a mutually acceptable settlement soon and turn the page. Read Full Article


Previous Media Publications:

ITWeb: Outsourcing espionage: A new era in cyber crime

CPO Magazine: Data Breach Index Site Leaks Over 23,000 Hacked Databases Exposing Over 13 Billion User Records

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
Your data will stay private and confidential