Ten Worst Email Gaffes of 2009

On the list of offenses that can be committed via email, many of us are guilty of petty crimes. Whether sending a hasty email to the “wrong Bob”, accidentally replying to the entire department when you meant to send a heads-up to a co-worker, attaching the wrong document to a message, or perhaps mistakenly forwarding a message that contains past messages you’d rather the recipient hadn’t seen, most of the time an email gaffe ends up a non-issue or blows over pretty quietly. After all, to err is human.

Sometimes, though, it doesn’t blow over. When a steamy or scandalous email is leaked or sent to the wrong person, it can become viral, spreading at an exponential rate across the internet, and wreaking havoc with reputations. This is especially true when a large organization or famous politician is at the heart of the story. A media circus ensues, careers might end, and some people (we hope) learn the valuable lesson that email is not a secure medium of communication.

Whether an unfortunate email-related blunder puts graphic “love” letters squarely in the public eye or has instead exposed some acute corruption, it can certainly be said that the email gaffe has become the faux-pas of our technologically savvy generation. However, the following list of the top ten worst email gaffes committed this year may indicate that we’re not quite as technologically savvy as we think.

10. RockYou Accidentally Displays Entire Mailing List Twice

In September of 2008, RockYou – a rising start-up that makes apps for popular social media sites like Facebook and Myspace – sent out an email to all of their customers and associates announcing a new website redesign. The problem was that instead of using the BCC (blind carbon copy) field, which keeps the email addresses of other recipients hidden, RockYou displayed their entire mailing list in the CC field. This is a very effective way to accidentally put your loyal customers and friends on a slew of spamming lists, but decidedly not an effective way to keep them loyal.

But that’s not all: last January (which qualifies them for our 2009 list), the start-up did the exact same thing again. These two mistakes – in addition to the fact that RockYou also mass-emailed contractors requesting tax information in message that allowed the contractors to accidentally email said tax information back to the whole mailing list – earns RockYou a place of dubious honor on this list.

9. UC San Diego Accidentally Sends Acceptance Email to All Applicants

In mid-March, over 46,000 students received welcoming emails of admission to UC San Diego. Unfortunately, only 18,000 of the students actually got in. The school’s admissions office mistakenly sent the email message to the entire freshman applicant pool, giving false hope to over 28,000 students for a few hours, at which point a corrective and apologetic email message was sent out.

There is no doubt that the UC San Diego admissions office has learned a valuable lesson about accessing the correct database and the 28,000 students whose dreams were crushed have learned a valuable life-lesson about hope.

8. Rocky Mountain Bank in Wyoming Sues Google Over Own Mistake

In September, a Rocky Mountain Bank of Wyoming employee mistakenly sent an email containing confidential data (names, addresses, Social Security numbers, loan information, etc.) on 1,325 customers to the wrong Gmail account. A bank customer had requested his own information be sent to his Gmail account, but the bank accidentally sent an attachment (unencrypted) containing all of their customers’ information, and didn’t even get the email address correct. After realizing his mistake, the bank employee sent another message demanding that the email be deleted without opening.

When this following email received no reply, the bank contacted Google, asking them for information on the account (to whom it belongs) and requesting that Google delete the email from the user’s inbox. Google denied the request, stating that this would be in violation of their privacy policy. At this point, Rocky Mountain Bank took Google to court to try and force Google’s compliance. In a stunning verdict, a judge ordered Google to shut down the account, which they did. Then, Google and Rocky Mountain Bank decided they didn’t want the account shut down and they would work together to resolve the issue. Google destroyed the message, which was never opened in the first place.

7. FBI Director Robert Mueller Admits To Clicking on Phishing Email

In what he referred to as a “teachable moment”, FBI Director Robert Mueller nearly surrendered his personal banking information to a phishing scam, after clicking on and beginning to follow the instructions of a phishing email allegedly from his bank. This candid moment was revealed by FBI Director Mueller during a speech in San Francisco on online security. His wife’s response to his misstep: “No more internet banking for you.” You might want to restrict his email access as well, Mrs. Mueller.

6. Damian McBride’s Leaked Smear Campaign

One of English Prime Minister Gordon Brown’s most loyal and trusted advisors was fired in September after emails containing “vile” and false accusations against a number of political opponents were leaked to the press. The emails amount to an attempted smear campaign against several prominent Tories (Conservative party members). The Prime Minister disavowed any knowledge of McBride’s emails, which suggested (among other non-substantive claims) that one homosexual MP (member of parliament) was using his position to promote his boyfriend’s business, another MP was a transvestite, and another was riddled with sexual diseases. McBride has stated that he is “shocked and appalled” at the manner in which his emails have been used against him.

5. Green Party Celebrates Anti-Spam Legislation by Sending Out Unsolicited Emails

Ireland’s ecologically-minded Green Party mistakenly sent out unsolicited emails in early January to many technology bloggers during the same week in which the party announced new anti-spam legislation. The Green party’s message invited bloggers to take part in a “viral video” contest and were sent out two weeks after new regulations were signed into effect allowing fines of up to 250,000 Euros (over $320,000 USD) for firms who send unsolicited emails and text messages.

4. State Department’s Email Infrastructure Crashes

Also in early January, a reply-to-all frenzy brought down the email infrastructure at the US State Department. The frenzy began when diplomats received a blank email sent to the department’s global address list. Users emailed back asking for explanation and to be taken off of the list, using the reply-all function, which sent their request to everyone on the global address list. This prompted inquiries and comments, some of which were also sent using the reply-all function. These messages then prompted the classic “Don’t send your message using ‘Reply-All’ because it will crash the email!” message which was sent using the reply-all function, of course. Soon, email messages overloaded the system and it crashed.

The State Department released a cable shortly after the incident, promising “disciplinary action” for users who click the “reply-all” button on emails with large distribution.

3. Cornell Students Steamy Email Scandal

In what many are calling the “worst email gaffe ever”, two married (not to one another) Cornell Business School employees accidentally sent their complete and very explicit email correspondence to the student body. John (a tech consultant) and Lisa’s affair has found viral fame on the internet due not only due to the lascivious nature of the couple’s emails but because of the content itself: hilariously bad puns, tickle torture, and many NSFW details make their email transcript an eye-opening, yet simultaneously cringe-worthy, read. The lesson here is clear: the internet is a cruel and unforgiving mistress.

2. David Axelrod’s Myth-Debunking Mass Email

Allegedly, White House Senior Advisor David Axelrod’s email message attempting to debunk myths about healthcare reform was only supposed to go out to individuals on the WhiteHouse.gov mailing list. Instead it somehow ended up in the inboxes of people all across the US and was instantly hailed by healthcare opponents as a new Obama-approved spam-assault campaign. Headlines proclaiming that the White House had adopted the cheap tactics of spammers adorned conservative news shows, even while the White House claimed that their mailing list is opt-in only. In the end, mysterious third-party groups were blamed for the unsolicited emails.

1. The Global Warming Email Leak

No accidental reply-to-all click-party here; just your run-of-the-mill global conspiracy. In early November, hackers broke into the email server at the University of East Anglia’s Climatic Research Unit (CRU) and posted over 1,000 emails and 3,000 documents online. The emails contain messages that many believe imply a cover-up on the part of some of the most respected scientists behind the global warming movement.

Within hours, damage-control statements were issued from the University of East Anglia and the CRU, explaining that the supposedly incriminating portions of the emails are really just misunderstandings that occur because the average reader doesn’t understand all of the technical jargon these scientists are using and/or the messages are out of context. Some of the scientists involved blame the incriminating excerpts on poor word choice and claim the hacking is part of a “sustained and, in some instances, vexatious” campaign to “distract from reasoned debate”. Still, the credibility of the global warming movement has been dealt a serious blow with these leaked messages.

The point is not whether information was falsified or skewed to suit the needs of organizations that rely on said information for funding, but rather the fact that the biggest environmental movement of the last decade may see resurgence in opposition thanks to a few, potentially innocent, email messages.

A Final Thought

With Gmail and other email service providers introducing new “anti-embarrassment” functionality to our daily email routines, will we someday witness the disappearance of these sorts of egregious gaffes and blunders? I’ll go out on a limb and say no, probably not. In the case of email gaffes, I tend to agree with Rich Cook, whom I’ve quoted below.

“Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.”