Mass-mail fail followed outfit's appearance at jobs fair
BT Security managed to commit the most basic blunder of all after emailing around 150 infosec professionals who attended a jobs fair – using the "cc" field instead of "bcc".
The email, shown to The Register by a non-trivial number of aggrieved recipients, thanked them for attending the Westminster Cyber Expo and popping by the BT Security stand.
"As the importance of security and the scale of the threat grows, we'll be increasing the size of our security team by 25 per cent over the next five years and need people like you to join our team around the UK," boasted the email, which also exhorted its readers to follow BT Security on LinkedIn.
Instead of following basic data protection advice, however, BT Security cc'd it to all ~150 recipients – allowing them to read each other's email addresses and identities.
Some of the email addresses exposed were obviously work email addresses, including from police and central government employees as well as the usual cross-section of people you'd expect to find at a cybersecurity expo.