TechSpot

Bank sues Google after emailing sensitive data to wrong Gmail account

By Captain828
Sep 22, 2009
  1. I find the case pointless. They were sloppy and sent the wrong stuff to the wrong person.
    However, from what I know, all customers of a bank have their e-mails tied to their bank file. Finding the person to whom they sent the e-mail would be trivial in this case... or did that employee send it to a totally wrong address?!
    I find it humanly to make mistakes, but to e-mail info on 1.325 accounts for a single account requiring info? this sounds more like sabotage than slopiness IMO.
     
  2. Maybe the message went to that person's SPAM box, never to be seen again... or not.
     
  3. Badfinger

    Badfinger TS Rookie Posts: 160

    1325 accounts? WTF!
    Whoever got it, hmmmm interesting dilemma.
    Lots of people don't even use some email accounts often or abandon, so there is a reasonable chance this email was never seen.
    Whose this fool that did make this *****ic mistake, should be fired.
    Always double check email addresses when sending sensitive stuff, common sense!
    Google might not even have the name of the person, let alone real contact information.
     
  4. Matthew

    Matthew TechSpot Staff Posts: 6,074   +84 Staff Member

    Interestingly, a Wyoming bank has filed suit against Google after mistakenly emailing sensitive data to the wrong address.

    Read the whole story
     
  5. Vrmithrax

    Vrmithrax TechSpot Paladin Posts: 1,286   +232

    Classic example of modern thinking here in the US today... We screwed up, so you need to fix it, and if you don't we will sue you.
    The entire thing is absolutely absurd, and any bank that is using Gmail accounts to handle sensitive bank information is one that should be avoided at ALL costs. My wife worked in the operations center of a bank, and there are massively strict guidelines about never EVER divulging any account information to a system outside of the bank's internal communications system. So, if they let it happen, the person(s) responsible should be summarily dismissed, and the victims of this idiocy notified so they can take appropriate action to protect their credit record. And any costs incurred in such protection should be covered by the bank.
    But, of course, that's if we lived in a world where people were actually responsible for their actions. Much better to sue the company who's only involvement in this was that they happened to have the email system the ***** at the bank used, and who's only "crime" is that they are just following their previously disclosed privacy policies.
     
  6. LightHeart

    LightHeart TS Rookie Posts: 155

    Of course the bank employee made a few mistakes, not verifying the email address, sending a large amount of data containing customer info, not encrypting the attachement or using a secure method to send it. I can see Google trying to protect the identity of the account however given the circumstances it seems Google could help more rather than turning a blind eye.
     
  7. nazartp

    nazartp TS Enthusiast Posts: 205   +10

    I can see Google being afraid of a massive fallout if they divulge personal information without the court order. On the other hand I agree with LightHeart that they can help - do not give the information to the bank, but act as an intermediary and contact the account holder in question.
     
  8. Punkid

    Punkid TS Maniac Posts: 546

    its the banks fault i dont get it why they sued google...u cant jst call google and say HEY i want my email deleted blablabla
     
  9. Quite simply bank personnel should not be emailing production customer data to anyone outside the bank's network. There's no excuse for sending sensitive customer data to any Gmail account, period. How there is no legal action against the bank, I don't understand. They broke the law.
     
  10. Vrmithrax

    Vrmithrax TechSpot Paladin Posts: 1,286   +232

    They don't bend, because this is a very slippery slope in the modern "if it moves, sue it!" environment. Making a single exception, even for good reasons like in this case, sets a bad precedent and can open up the floodgates of requests for user information. The Google lawyers know this, and that is why they are sticking to their absolute documented account agreements, which every gmail user acknowledges (and assumes is true) when signing up. To break their own contract with a single user would open them up for frivolous lawsuit after lawsuit, with each claiming "well, you made an exception for them, why not me?" The end result could very well be either Google buckling financially under a massive legal debt, or them being forced to buckle and make Gmail a useless mail system that is no more private and secure than posting something on your myspace page, or just shouting it out for the world to hear.
     
  11. pgbsamurai

    pgbsamurai TS Rookie Posts: 27

    Ok, first off, why is information on over a thousand accounts being sent to a single account holder? Second, why is it being sent through an UNSECURED medium like email? This is in no way Google's fault. They are not being uncooperative. They are following their privacy contract. They did not flat out refuse to help. They simply stated that they could not give out the information the bank requested without a court order. This protects Google, Gmail users, and provides the bank in question with better evidence if a legal case needs to be brought to court. My question now is, how many hackers have set up sniffers on this bank's email system to see if they can catch outgoing account info?
     
     
  12. Rocky mountain bank - Wyoming employs a bunch of *****s. The market pres came from a now failed bank, the folks behind operations don't know how to open an account, the vp of talent should have been fired along time ago, and the entire bank itself has zero integrity. They've let this breech go for over 6 weeks and did nothing to help those that are at risk. That is crap! Waste money and sue google but not take action and limit the risk to your customer? Are you kidding me?
     
  13. maestromasada

    maestromasada TS Rookie Posts: 97

    I have received a forwarded e-mail from the mentioned Bank but only with 1324 addresses on it, could it be that one?? Maybe the person who sent me the e-mail delete themselves from the list before forwarding. Please advise if you request a copy.
     
  14. red1776

    red1776 Omnipotent Ruler of the Universe Posts: 5,906   +90

    I don't think it could be stated any better than this.
     
  15. TJGeezer

    TJGeezer TS Enthusiast Posts: 385   +10

    pgbsamurai got it right: "...why is information on over a thousand accounts being sent to a single account holder? Second, why is it being sent through an UNSECURED medium like email? This is in no way Google's fault. They are not being uncooperative. They are following their privacy contract."
    I'll add that the lawsuit smells to me like a CYA attempt by the bank. They are SO culpable in so many ways, by rights every one of their customers should be grabbing anything left in their accounts and running for the doors.
    The only way this story makes sense is if disclosing the information to an outsider was either malicious or incredibly incompetent, and the managers, when advised of it, curled into fetal positions and hoped it would go away. Now they're announcing "We are TOO doing something about it!" and blaming Google, whose legally binding policies forbid disclosure without a court order.
    If the bank had any case at all, that court order would not be hard to get. Google all but invited them to go get one. So there is some other agenda working here. There has to be.
     
  16. raybay

    raybay TS Evangelist Posts: 10,716   +6

    Mostly a covery your butt exercise, I suspect.
     
  17. Punkid

    Punkid TS Maniac Posts: 546

    well said mate
     
  18. its an honest mistake.
     
  19. T77

    T77 TS Enthusiast Posts: 315

    the bank is at fault,sending sensitive info through email and to the wrong person.
    i don't think google is at fault
     
Topic Status:
Not open for further replies.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...


Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.