Thousands of email addresses were exposed yesterday in an email sent on behalf of the Do Not Call Register.
DNCR is a free service operated by the Australian Communications & Media Authority (ACMA) that allows individuals and organisations to remove their phone numbers from receiving unsolicited telemarketing calls.
In an email sighted by CRN sent yesterday, DNCR Support informed about a planned service outage scheduled for 25 May. The email contained more than 2,000 email addresses in the "To" field.
The privacy fail is all-too ironic, given that ACMA aims to protect citizens' privacy. The watchdog regularly censures operators for privacy breaches, such as reprimanding SpinTel and Southern Phone for inadvertently allowing personal details of silent line customers to be published in a number of phone directories.
Marketing services company Salmat won the contract to run DNCR registration and washing services along with the DNCR website in 2014.
A spokesperson for the regulator told CRN: “The ACMA has been informed of this incident, which it takes very seriously. The operator of the Do Not Call Register (Salmat) is working with the ACMA to contact all affected parties and Salmat will conduct an urgent review of procedures to avoid a repeat of the situation.”
A Salmat spokesperson told CRN: "It’s a regrettable incident involving industry email addresses and Salmat has immediately put in place additional procedures to ensure this does not happen again.”
In a similar incident last month, IT industry advocacy group CompTIA landed in hot water when an employee exposed the email addresses of at least a thousand members.