Seven days ago I received 'Infosec Consultant' job prospect news from **** Recruitment by email, but did not reply; an Infosec Consultancy wants to contract security consultants.
Today I received unsolicited news update direct from ****'s client, which included the email contact details of hundreds of job seekers listed in ****'s data base including the name of ****' staff... oops!
Update: One week on, the same from a Financial Services firm!
Now the question is - who is the more stupid?
1)
Dear Terry,
Please accept my apologies on behalf of **** Recruitment for this unfortunate incident. **** has strict procedures and controls in place for sending out e-shots and electronic mailers to candidates to ensure that incidents of this nature do not occur. The recruitment consultants all receive training on their obligations under the Data Protection Act and are required to use an email maker system that ensures all recipient email addresses are blind copied.
I can assure you that we take incidents of this nature very seriously and a full investigation will be conducted. Disciplinary action will be taken if it is found that the consultant concerned has not followed the correct procedure for sending communications to multiple recipients.
I can confirm your details have been unsubscribed from our database.
I trust that I have been able to provide sufficient clarification and I thank you for bringing this matter to our attention.
Kindest Regards,
****
2)
Today I received unsolicited news update direct from ****'s client, which included the email contact details of hundreds of job seekers listed in ****'s data base including the name of ****' staff... oops!
Update: One week on, the same from a Financial Services firm!
Now the question is - who is the more stupid?1)
Dear Terry,
Please accept my apologies on behalf of **** Recruitment for this unfortunate incident. **** has strict procedures and controls in place for sending out e-shots and electronic mailers to candidates to ensure that incidents of this nature do not occur. The recruitment consultants all receive training on their obligations under the Data Protection Act and are required to use an email maker system that ensures all recipient email addresses are blind copied.
I can assure you that we take incidents of this nature very seriously and a full investigation will be conducted. Disciplinary action will be taken if it is found that the consultant concerned has not followed the correct procedure for sending communications to multiple recipients.
I can confirm your details have been unsubscribed from our database.
I trust that I have been able to provide sufficient clarification and I thank you for bringing this matter to our attention.
Kindest Regards,
****
2)
Dear Mr McKenna,
I
can only apologise for the distress the inadvertent disclosure of your
contact details has caused, and as requested I have removed your contact
details from our database.
Whilst
this disclosure was caused by human error on the part of a *****
employee, I have taken internal disciplinary action against the employee
concerned as we are committed to protecting our clients Personal Data
and a disclosure of this nature even if it was unintentional, is simply
unacceptable.
Should you wish to discuss this matter further please do not hesitate to contact me directly on Tel ...
Kind regards
James