There is much talk about data security, protection of privacy, measures that large companies use to prevent its users ‘ information falling into the wrong hands. Then it is just a trivial human error and all of these efforts go up in smoke.
This is shown by the story, which has recently focused OnePlus: the chinese manufacturer has been involved in the past events that have exposed the data of its users but one that is discussed today has nothing to do with a hacker attack. Concerns more than simply the inappropriate use of the basic tools of an e-mail client, or the use of the To field and BCC field.
Thefact: OnePlus has sent the same email to a series of users who had participated in a survey on the OxygenOS interface customized by the manufacturer and used in the smartphone OnePlus) after the release of version 10.5.11 party on 8 July. Since this is nothing bad if it were not for the fact that instead of inserting the email addresses of the recipients in the BCC field, who has managed to send used the To field.
The difference is not insignificant: using the BCC field (bcc Copies), you can make sending mass mails without the individual recipients can read the other address; instead of using the To: field, every recipient can read the e-mail of other users.
The error is not escaped those who received the mail and has quickly made the rounds of the Network with the attached screenshot (see fig. above), but properly censored.
We do not know the exact number of users involved, and is certainly not granted that the members of the list will make bad use of the e-mail of others, but it remains a serious slip on the media plan carried out by a company of the calibre of OnePlus where you do not expect errors of this type. For the moment, OnePlus has not ruled on the matter.