The Popular web-based hosting service for software development projects, GitHub, mistakenly leaked thousands of email IDs of its customers today. More importantly, these IDs were of the premium customers of GitHub’s service called GitHub Enterprises.
Well, GitHub did not intentionally leak the email IDs online, it only committed a mistake that allowed some user to make them public.
The Curious Case of Leaked Email IDs
It all started when GitHub Enterprises sent an email to its users that prompted them to renew their GitHub Enterprises license. Later, many users of GitHub enterprise reported that this email was faulty right from the start as the expiration date of their licenses was quite far away to be sent a renewal reminder by the company.
The mistake was not the email in itself; rather, it was how the email was sent. Thousands of email IDs of GitHub Enterprise users were put in the ‘To’ field rather than in the ‘Bcc’ field to make them invisible to others. As a result, every recipient of the email got to see thousands of email IDs of other GitHub users.
GitHub Senses Things Are Amiss…
After sometime, the folks at GitHub Enterprise realized the error of their ways and posted a clarification of their action on a blog. They said,
“Earlier today a routine system email was incorrectly sent to many of our GitHub Enterprise customers. In these errant emails, customer email addresses were included in the To: field, making them visible to anyone who received the message.”
However, by the time GitHub realized its mistake, it was too late. One of the recipient of this errant email decided to paste all these email IDs on a text sharing website called ‘Pastebin’.
This GitHub news spread like wildfire on the internet and angry customer complaints started to pour in. Many GitHub Enterprise users complained that if GitHub cannot ensure the safety of their email IDs, how can it ensure that its hard-worked software codes and programs are safe with GitHub.
The Official Apology – Will it Be Enough?
The GitHub Enterprise team posted an official apology in the following words:
We are very sorry about this. We have determined what caused this incident and contacted all affected customers directly.”
Now, it remains to be seen if GitHub customers manage to trust it once again or this fiasco by GitHub Enterprises turns out to be a ‘Blessing in Disguise’ for GitHub’s competitors. Let’s wait and watch!
Latest posts by Faisal Arshad (Posts)
- Obama Approved NSA’s use of Heartbleed for ‘National’ Interests - April 14, 2014
- Who’s affected and who’s not? How to Stay Safe from OpenSSL’s Heartbleed - April 11, 2014
- Cheapest VPN – Get Best Value for money with Cheap VPN - April 11, 2014