Sonos goofs again – this time revealing customers’ email addresses in Cc: blunder

Sonos goofs again - this time revealing customers' email addresses in Cc: blunder

Sonos goofs again - this time revealing customers' email addresses in Cc: blunder

Sonos hasn’t had the best start to 2020, and it just got a little bit worse.

Earlier this month it announced that from May it would no longer be pushing out software updates to some of its legacy speaker hardware and (to make things worse) if you had a mixture of newer and older Sonos equipment inside your home none of them would be receiving any updates!

There has since been a partial U-turn on that, with Sonos’s CEO saying that the firm was working on a way to allow customers to split their systems so that modern products could work together and get the latest features, while legacy products work together and remain in their current state without updates.

Email Sign up to our newsletterSign up to SLG’s newsletter – “GCHQ”
Security news, advice, and tips.

It’s been something of a communications crisis for Sonos, which it should really have thought through in advance. And one of the consequences has been that Sonos’s customer service team has been inundated with concerned emails from some (quite understandably) grumpy customers who have invested a lot of money in their speaker systems.

To handle the barrage of emails, Sonos’s European customer service department has been sending out a generic email as they try to work through the backlog.

The email begins:

Dear Customer,

Thank you for contacting Sonos. Your query is important to us.

We apologise for the delayed response. Since last week we received an unprecedented number of emails which means we are unable to get back to you within our normal service levels.

If you query is regarding our Life Cycle communication please see a blog…

So what’s wrong with that? Well, as BBC News reports, a customer service representative made the mistake of emailing it to 475 customers… by including all 475 email addresses in the Cc: field rather than the Bcc: field.

Customers, understandably, were not impressed to find that Sonos had shared their email address with everyone else on the list.

Sonos shared a statement with BBC News apologising for the error. Presumably they also sent it to other news outlets too. Hopefully Bcc’ing them.

Pretty embarrassing for Sonos to be sure, but not quite as embarrassing as the time the Dutch data protection authority had to report itself to itself after suffering a similar data breach.

Problems like this can be avoided by having an email client warn that you have a ridiculously large number of people in the Cc: field and ask for confirmation that the email really should be sent.

Found this article interesting? Follow SLG on Twitter to read more of the exclusive content we post.

Leave a Reply

Your email address will not be published. Required fields are marked *