EmailDiscussions.com - View Single Post - Fastmail giving out email addresses without permission

brong · 14 Apr 2018, 03:42 PM

The issue has now been escalated directly to me, and I have replied outlining both the steps we have taken, my apology on behalf of the entire company, and what we can do in future to monitor the address and see if the exposure to a known third party has resulted in it being used by spammers.

I am quite happy to have all our interactions published.

My apologies for the delay in posting that initial response here. When I became aware of the issue, I was on a standing-room-only train at the time traveling to my father-in-law's house for family dinner.

Given that there was no timely element involved:

* the exposed data was an email address
* the related threat is receiving spam messages to the primary account name
* the mitigation is renaming the account, which can happen at any time and stop the flow of spam
* there was no evidence that there was an immediate flood of spam to the account, so delaying that rename by some hours made no difference

.. and since I've been overseas for the last month and this family dinner was the first one in a while, I politely waited until after dinner to sit down at my laptop and give this issue my full attention.

If my assessment of the urgency was incorrect, I apologise for that as well.

Regards,

Bron.

14 Apr 2018, 03:42 PM	#17
brong The "e" in e-mail Join Date: Jul 2004 Location: Melbourne, Australia Posts: 2,696 Representative of: Fastmail.fm	The issue has now been escalated directly to me, and I have replied outlining both the steps we have taken, my apology on behalf of the entire company, and what we can do in future to monitor the address and see if the exposure to a known third party has resulted in it being used by spammers. I am quite happy to have all our interactions published. My apologies for the delay in posting that initial response here. When I became aware of the issue, I was on a standing-room-only train at the time traveling to my father-in-law's house for family dinner. Given that there was no timely element involved: * the exposed data was an email address * the related threat is receiving spam messages to the primary account name * the mitigation is renaming the account, which can happen at any time and stop the flow of spam * there was no evidence that there was an immediate flood of spam to the account, so delaying that rename by some hours made no difference .. and since I've been overseas for the last month and this family dinner was the first one in a while, I politely waited until after dinner to sit down at my laptop and give this issue my full attention. If my assessment of the urgency was incorrect, I apologise for that as well. Regards, Bron.