Neoseeker is reporting that as many as 8000 Comcast email accounts have been compromised. The breach was discovered by a professor at Wilkes University. While doing a search on his email address he found a document hosted on Scribd that contained the usernames and passwords of thousands of Comcast customers. What’s more, the list had been there for at least 2 months and had been accessed thousands of times. Comcast is denying responsibility:

Jennifer Khoury, a Comcast spokeswoman, responded stating that they did not believe this information was provided by anyone inside the company citing lack of structure on account numbers and duplicity on some of the information. Instead, the information appeared to have been gathered through a phishing type scheme.

Comcast says they are freezing the accounts that were compromised and will notify their owners. If you have a Comcast account you’d be doing yourself a favor if you changed your password. Can’t be to careful! It’s not yet known who owns the document or how the data was obtained but experts believe it could be the result of a phishing scheme.

The Seattle Times is reporting that a single email has killed a worker-rights bill that was a top priority of the Washington State Labor Council. Here’s an excerpt:

Here is the text of the Democrats’ joint statement:

“We are no longer considering action on House Bill 1528 and Senate Bill 5446, also known as the Worker Privacy Act.

“Immediately upon becoming aware of an e-mail linking potential action on the bill to campaign contributions, bringing the bill forward was no longer an option.

“The e-mail raises serious legal and ethical questions. The matter has been referred to the Washington State Patrol for investigation.”

Part of the email implied that campaign contributions would stop unless the bill was signed into law. Lawmakers say the Legislature is not for sale and has asked the Washington State Patrol to investigate. This is yet another in a long line of cases where a poorly worded or just plain inappropriate email has played political havoc. So far several resignations have resulted as the result of racist emails about President Obama, and at least once lawmaker in Canada drew fire after distributing an email that supported anti-Israel sentiments and glorified the terrorist group Hezbollah. Once again, when in a professional setting think very carefully before hitting that send button!

Wired’s Threat Level Blog is reporting that the University of Tennessee student accused of hacking into then vice presidental candidate Sarah Palin’s email account has been hit with three more felony charges.  21 year old David Kernell has already been indicted on one count of violating the Computer Fraud and Abuse Act, and now will also face charges of wire fraud, identity theft, and obstruction of justice. Here’s an excerpt:

Threat Level broke the story last September that someone had obtained unauthorized access to Palin’s e-mail account by using publicly available information about her to reset her password to “popcorn.” He then posted the screenshots of e-mail in Palin’s account, as well as her new password, to a forum at 4chan.org under the username “Rubico”, enabling other intruders to access Palin’s account. Bloggers quickly traced the name Rubico to an e-mail address — Rubico10@yahoo.com — that Kernell was known to use, prosecutors say.

If convicted, he faces up to two years in prison and a fine of up to $40,000. Ironically, Kernell has sought to have prosecutors barred from referring to him as a hacker, even though that is exactly what he is. He claims he gained access to the account by simply guessing the answers to Palin’s security answers (which is a powerful reminder to make them as complex as possible rather than use things anyone could easily find out about you), but the mere fact he did so shows his intentions were to gain access to someone else’s account, and then when he changed Palin’s password and posted it on a public message board it’s obvious he was encouraging others to do the same. Hopefully he will learn a painful and expensive lesson!

Hundreds of British Justice Secretary Jack Straw’s contacts recieved an email from him explaining he was in Laos promoting a charity and had lost his wallet, and could they please wire him $3000 so he could settle his hotel bill and get a flight home?  Alarmed, many of them called his office only to find he wasn’t in Laos and never had been.

Instead, hackers had gotten into his account and sent the bogus message, hoping someone would fall for it:

It’s unclear how miscreants broke into the account but the use of a brute force dictionary attack to uncover the password is one possibility. Trickery that allowed the password to be reset, as in the hack on a Yahoo! webmail account maintained by Sarah Palin, is another possibility. Fraudsters have hacked into Hotmail accounts to punt similar persons in peril scams in the past but rarely have they picked on such a conspicuous target.

Straw confirmed the attack but said that the webmail account attacked was only used for constituency business and unrelated to his work in government.

The attack is called an advance fee scam and it’s becoming more and more widespread. Straw is in good company though. Sarah Palin, Britney Spears, Miley Cyrus and Fox News have also had their email accounts hacked.

The Huffington Post is reporting that Dean Grose, mayor of Los Alamitos, California has announced his resignation amid the public outrage he caused when he sent a racist email to several people. The email included a photo of the White House with its front lawn replaced by a watermelon patch and the caption “No Easter Egg Hunt this year.” One of the recipents, an African-American businesswoman, immediately scolded him:

“I think he’s saying that since there’s a black president, there will be no need to hunt for eggs since they’re growing watermelons in the front yard this year,” Price wrote.

She responded to the e-mail with: “Hey, that’s not nice at all. Not all black people like watermelon… you should know better than that.”

Grose replied: “The way things are today, you gotta laugh every now and then. I wanna see the coloring contests.”

Price said Grose’s response upset her more.

“As soon as I saw his response; that put me over the top because it was no big deal to him,” she said.

Grose claims he had no idea that the watermelon patch was a racist symbol, which is hard to believe. Despite turning in his resignation he still doesn’t seem to quite understand what all the fuss is about. Once again, the moral of this story is think, and think hard, before hitting that send button and make sure your employees do too. This kind of an email could cause your company a world of hurt ranging from bad PR to a costly lawsuit. Make sure your email and accceptable usage policies address situations like this!

The ATangledWeb blog is reporting that 30 British Telecom employees have been suspended for forwarding an email joke that made fun of Irish people. The company warned the suspended employees that they face further disciplinary action, prompting many to fear they may lose their jobs. In this economy that is no laughing matter. Here’s an excerpt:

The joke was sent around the office as a bit of fun. Everyone is worried about their jobs but we all try and cheer each other up.

The quip involves the death of three Irishmen. The first leaps with a budgie thinking he’s budgie-jumping; the second kills a parrot thinking he’s parrot-shooting and the third leaps off with a hen, believing he’s hen-gliding.

If you don’t quite get it, the joke is in the pronunciations of the various activities, which presumably pokes fun at the Irish brogue as well as intelligence. Budgie-jumping = bungee jumping, parrot-shooting =parachuting, and hen-gliding = hang gliding.

I’m part Irish and frankly I find the joke a bit stupid, but far from racist or offensive. However, assuming BT has a clearly defined email policy in place, the suspensions are well within the company’s rights. It may end up being a very costly lesson for the suspended employees, but an important one too. Think before hitting the send button and forwarding jokes, chain mails, or even seemingly innocent personal messages to your co-workers and/or employees. You never know how they will be received and it really isn’t worth the risk.

That said, if your company doesn’t have a clearly defined email policy in place, it’s a good idea to come up with one. It protects your company and your employees.

The NiemanJournalismLab blog is reporting that a federal appeals court in Boston has handed down a decision that has disturbed many, declaring that truth published with “actual malice” can be considered libel. The case in question is a libel lawsuit filed against Staples by  a former employee after the office supply giant sent a mass email announcing the employee was being fired for padding his expense report and for ethics issues. While the employee, a sales director, admitted to the charges, he still contends the email was libelous as it was sent out specifically to hurt his reputation. Here’s an excerpt:

Staples never previously disclosed the name of a fired employee in communications with employees; it sent no memos about other employees fired for expense policy violations; and most of the 1500 recipients did not travel for the company and did not need to be reminded of the travel expense policy.

With this decision, the First Amendment has been replaced by the maxim, “If you don’t have anything nice to say, don’t say it.” Consider the irony: The Supreme Court has said that there is constitutional protection for false statements on matters of public concern, but now the First Circuit says there is no constitutional protection for true statements on matters of private concern. What’s worse, the court offers no guidance about how to distinguish what is of “public concern” from what is of “private concern”.

This case is a stark reminder to be very very careful what you say in an email because your words can and will reflect on your company and could land you in some boiling water!

A prominent member of Florida’s Republican party has resigned after she an email with racist overtones she sent to a handful of friends was made public. The subject of the message was “Amazing” and in the body of it state committee member Carol Carter lamented, “I’m confused. How can 2,000,000 blacks get into Washington, DC in 1 day in sub zero temps when 200,000 couldn’t get out of New Orleans in 85 degree temps with four days notice?”

Continue reading Florida GOP Official Resigns Over Email Controversy

Early last week a man by the name of Gabe Ford sent a mass emailing to a large segment of Clarkson University’s student body, and all hell broke loose. The email, which was sent to a carefully selected group of male students, invited them to be part of a new chapter of the Sigma Nu fraternity. Unfortunately, Mr. Ford seems to be unaware of the BCC: function and this is what happened as a result:

The email sent by Ford triggered an avalanche of responses, beginning with a message from one student who replied to the entire mailing list declining Ford’s offer. This began a cavalcade of emails which quickly took the form of an internet forum. Many responders expressed an interest to be dropped from the mailing list while others seized the opportunity to perpetuate a series of internet memes and hold conversations by replying to all of the original recipients. By 8:44 p.m. the following day, 75 related emails had been sent.

The school claims that since student email addresses are listed in the campus directory, there was no breach of privacy. I think this example shows again why it’s so important to use the BCC: field when sending mass emailings of any kind.

Continue reading Emailed Invite Causes Havoc On Campus

The Toronto Star is reporting that Canadian Parliament member Maria Mourani is being criticized by Jewish groups and her fellow Parliament members after spamming all 308 with them with a graphic and hate-filled email paying tribute to the terrorist group Hamas. The email contained links to graphic images of the carnage in Gaza as well as videos that glorify violence against Israel. Here’s an excerpt from the report:

The note earned her a rebuke on Wednesday from Prime Minister Stephen Harper, from the Jewish-rights organization B’nai Brith and a caution from her leader to be more careful.

In one video link there’s a graphic of a heart surrounding the image of the political leader of Hamas, while other videos show numerous flattering images of people draped in the group’s iconic green bandana.

Canada’s list of terrorist organizations includes three groups – Hamas, Islamic Jihad and al-Aqsa Martyr’s Brigade – that receive laudatory treatment in the linked messages.

Mourani explained that she had not examined the entire contents of the email, which included hundreds of pictures, along with a handful of videos, newspaper articles and blog entries.

After her email raised eyebrows on Parliament Hill, Mourani sent her colleagues a more personal note in which she offered no apologies.

There are two lessons to be learned here. Never forward messages without actually reading them throughly yourself (and if it says “forward this to everyone in your address book” don’t forward it at all) and perhaps most importantly, keep your personal beliefs and political views out of your workplace!