There’s a bank clerk in Wyoming who is in deep trouble with the boss. According to news reports, an employee of a bank in Wyoming sent an email that contained customer data to the wrong recipient’s Gmail account. The employee of Rocky Mountain Bank made two critical errors: First, they sent it to the wrong address, and second, they attached a file with sensitive information that should not have been attached.

According to news reports, the employee, realizing they had sent it to the wrong address, tried to “recall” it after sending it. Huh?? How long has this employee been using email? Just about anybody that isn’t living in a cave knows that you can’t recall an email once you’ve sent it out. That’s why standard procedure should include at least a quick once-over of the contents and recipient list before hitting the “send” button.

The attachment that was sent contained customer information, including social security numbers and loan data.

Then apparently the employee sent another email to the person that had incorrectly been sent the information, asking them to delete it without opening or reading it, and also asked the person to contact the employee. Again, huh??

First of all, if I get an email from a bank with an attachment and I’m not expecting it (which I’m usually not), I will simply delete it without looking at it, thinking it to be spam, which it usually is. Chances are, the recipient did the same. And if I get an email with a bank address asking me to make contact, again, no dice. Not gonna do it. On the off chance that the recipient even saw the emails, they were well within their rights to ignore the request.

However, the bank didn’t see it that way, and now they’re suing Google to try to get them to identify the recipient. Google said no dice to the bank, and again, Google is well within their rights to refuse without a court order, and bravo for Google for not providing the information.

And to make it even worse, the bank asked the court to seal the case so customers wouldn’t learn about the breach. In most states, banks and financial institutions are legally obligated to notify customers about such breaches, and the courts quite appropriately refused to seal the case.