Uwin - Player privacy breach
At shortly before 6pm tonight, an email came entitled "Your Second Chance" to remind players who had a losing bet in the Cashback Friday game that the money had been credited to their account and was ready for betting with.
Below this email was a series of other emails:
1. An email from a player to Uwin CS which contained the player's real name, username, email address and telephone number.
2. The forwarding of this first email from CS to a Uwin manager (?).
3. A response from the manager (?) to CS.
Clearly, CS didn't realise they were sending out the "Second Chance" email to everyone without deleting all the other email messages but this appears a very bad breach of a player's privacy and security.
After this email was sent, they sent another email: "Uwin Customer Care would like to recall the message, "Your Second Chance"."
How do you recall an email that you sent already? There is no "second chance" once you've clicked send.
Overall, while I've no problem with Uwin as a book in general, this is clearly a very serious error.
Yes I got this too. I think email recalls only work on an intranet - once you have sent it to the world beyond you lose control of it.
Originally Posted by musicbox
I agree it is a very serious error and would expect a follow-up from uwin acknowledging this and assuring us that they have put steps in place to ensure it never happens again.
Yes I remember talking about this on the chatbox. It looks to me as though:
- A customer emailed Uwin about a poker bonus.
- Some CS rep who is responsible for sending the 'second chance' emails accidentally forwarded that email to his boss when he was asking about whether he should do the 'second chance' email.
- The 'boss' replied to the CS rep saying 'yes, go ahead, do as you see fit'.
- The CS agent went ahead and sent out the 'second chance' email without realizing all of the above ^^ was included in the email. Oops.
Is quite worrying not least because the customer's account name and telephone number was included.
Presumably they're aware of the problem now since they tried to issue a recall on the email (as above is obviously totally useless doing a recall in an 'open' system like the internet, is probably meant to be for a localized 'closed' system like a Uwin's local network / intranet / groupware system).
Hope that customer knows about it as well, would take some balls to fess up about that one but probably better that it came from Uwin rather than another customer.
Yip, I got it too...this must of went to everyone!
Tags for this Thread