Bcc blunder leaks details of Silk Road Bitcoin bidders
Could someone please send the US Marshals on an email 101 course?
It’s something you should learn pretty early on in your online life.
If you want to copy someone on an email message, but *don’t* want others on the address list to know, you use the bcc: field.
The “B” in bcc: stands for “blind”, masking that you have sneakily let someone else see what you have sent, without the risk of causing offence to the main recipient. But it can also be used for non-sneaky purposes too.
For instance, if you need to send a message to a list of people but want to respect their privacy, you would add all of the addresses to the bcc: field rather than cc: them.
Everyone should know this, but even if they’re aware – mistakes still happen, as the US Marshals has just demonstrated.
As Coindesk reports, a classic bcc/cc error by the US Marshals Service (USMS) has leaked the email address of everyone interested in the auction of 29,656.51306529 bitcoins confiscated from the Silk Road blackmarket site.
Bidders for the bitcoin haul, which is worth an estimated $18 million, are asked to stump up $200,000 to take part in the auction.
But now, thanks to someone at the USMS putting the list of interested parties in a cc: field rather than a bcc: the details have leaked out.
The USMS apologised for the privacy breach, and emphasised that inclusion on the list did not necessarily indicate that a particular party was bidding for the bitcoins.
“One of the emails that we sent out this morning inadvertently showed a list of some of the individuals who have asked a question or questions about the pending bitcoin auction. We apologize for the error.”
I’m sure that the US Marshals are mortified by their silly blunder, and will learn to be more careful in future. But I can also understand the disgruntlement of those who have had their private email addresses and contact with the USMS over the auction made public.
The auction is due to take place on 27 June, with bidders notified of whether they had been successful by the end of the month. One can only hope that that notification will happen a little more privately…
Of course, the US Marshals are in good company when it comes to making such a blunder.
Past culprits have included the Taliban spokesperson who accidentally leaked his entire mailing list of over 400 contacts, and organisations that you would really hope would know better – like GCHQ and the UK’s.
What’s the biggest email blunder you have ever made? Leave a comment sharing your story, and perhaps you can exorcise your embarrassment once and for all.
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War
August 31, 2022
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor
August 30, 2022
What is medical identity theft and how to protect against it
July 27, 2022
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside
June 28, 2022
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online
June 28, 2022