Bank screws up; tries to sue Google so word doesn’t get out

Rocky Mountain BankA small bank in Wyoming made a double-oops last month.  They sent some sensitive information to the wrong Gmail address, but also included a document that shouldn’t have been sent at all.  They didn’t want their customers to learn of the breach, so they’ve sued Google.  Huh?

A customer of the Rocky Mountain Bank asked to have some loan documents sent to one of their representatives.  The bank sent the documents to someone with a similar e-mail address, and also included an attachment that held informtion on 1,325 other customers — names, tax ids, social security numbers, etc.  Amusingly, the bank employee then “tried to recall the e-mail without success”.  Yeah, I don’t think so.  You can read details about the breach here (PDF).

So far, Google is holding strong.  They say they won’t comply with a court order, even after which their policy is to notify an account holder and give the person a chance to object to the disclosure of their identity.

This is really so simply it’s stupid — if you want to keep a low profile, don’t sue Google.

Comments

  1. TC says:

    You know, there IS a really small window of time in which you can “recall” an email if you are using gmail.

  2. mickey says:

    TC – Good point. I thought about mentioning that. If you turn it on in Gmail Labs, you’ve got a five-second “undo” on each email sent.

Leave a Reply