NSI sends customer list to customer list
The consolidated e-mail addresses of many thousands of .org Web site owners has accidentally been included in a mass customer-notification missive from NSI to each address included in the list.
A 1.7 MB text file forwarded to us by a number of moderately displeased NSI customers lists every contact e-mail connected to .org sites from R through Z. These are believed to be public contact addresses for the Web site operators, not confidential contact addresses.
It's common for site owners to keep several of their addresses private to maintain a few spam-free lines of communication with the outside world, and domain providers are expected to guard these jealously.
Unfortunately, the addresses are now neatly consolidated so that any spammer on the list will have received a collection of addys suitable for easy insertion into his spam-o-matic.
NSI has made an official statement thus: "Network Solutions, a VeriSign subsidiary, sent a Customer Notification email to .org customers this morning which inadvertently contained email addresses for some of its other .org customers. This was a mistake and we apologize for including those additional emails in the notification. The emails are publicly available through Whois data, but we regret they were included in some of these email communications we sent. We will apologize to those customers affected and regret this mistake. The notification contained no other information from other customers."
Company spokesperson Patrick Burns did confirm that the mass e-mail in question is the only one to have been sent, but was unable to say whether the cause was human error or a technological snafu. The company is also reasonably certain that none of the e-mail addresses are confidential, but are instead those listed in the Whois database as contact addys. ®