A web site where users anonymously review their employer has exposed the e-mail addresses — and in some cases the names — of hundreds of thousands of users. An anonymous reader quotes an article from Silicon Beat:
On Friday, the company sent out an email announcing that it had changed its terms of service. Instead of blindly copying email recipients on the message, the company pasted their addresses in the clear. Each message recipient was able to see the email addresses of 999 other Glassdoor users…
Ultimately, the messages exposed the addresses of more than 2 percent of the company’s users… Last month, the company said it had some 30 million monthly active users, meaning that more than 600,000 were affected by the exposure… Although the company didnâ(TM)t directly disclose the names of its users, many of their names could be intuited from their email addresses. Some appeared to be in the format of “first name.last name” or “first initial plus last name.”
A Glassdoor spokesperson said “We are extremely sorry for this error. We take the privacy of our users very seriously and we know this is not what is expected of us. It certainly isn’t how we intend to operate.”
Read more of this story at Slashdot.