Jump to content
Cruise Critic Community

Data Protection Issue

davyjones

By davyjones,
in Cunard Line

Recommended Posts

MawganTr

MawganTr

Posted
Posted

I have to admit that I did wonder about the legality of using the information on the spreadsheet to email people. You have to be very careful about using such information. Data protection rules are very strict.

 

 

Sent from my iPad using Tapatalk HD

Link to comment
Share on other sites
Cruachan

Cruachan

Posted
Posted
This is a prime example of human error, an employee of Cunard has sent out an email that had a spreadsheet attached in error. This spreadsheet contained some data on 1200 people or possibly 1200 couples which included their personal information, should it have happened? No of course it shouldn't. Is it Cunard's fault? Well their employee made the error so it can be laid at their door. What should Cunard do to prevent this ever happening again? Put post-it notes on all computers saying "DON'T SEND STUPID SECRET FILES OUT IN ERROR" and tell their staff to be more careful. Sadly people make mistakes which is why they put rubbers on the ends of pencils. NB, some call rubbers erasers! :)

 

And one of the biggest problems with e-mail in general is that it almost seems as though it was subjected, at the initial design stage, to the influence of some malign intellect that made it just about the simplest communication medium ever invented with which to make major blunders. I will carry to my grave with me the memory of a bijou little incedentette a couple of years ago when I received an e-mail from a group of researchers based in France with whom we were collaborating. They had been somewhat obstructive about answering some important questions that I had put to them. In a fit of frustration I forwarded their e-mail to my boss and, what shall I say - "poured out my heart" about their manifest failings. I met my boss later that morning and asked if she had received the forwarded e-mail. She said she hadn't, which surprised me a little so, when I got back to my desk, I checked whether the message had gone. It had gone but, sadly, not to her. It didn't take me too long to work out that, instead of hitting the "Forward" button, I had hit the "Reply" button. I still cringe at the thought. :eek::eek:

 

J

Link to comment
Share on other sites
capnpugwash

capnpugwash

Posted
Posted
And one of the biggest problems with e-mail in general is that it almost seems as though it was subjected, at the initial design stage, to the influence of some malign intellect that made it just about the simplest communication medium ever invented with which to make major blunders. I will carry to my grave with me the memory of a bijou little incedentette a couple of years ago when I received an e-mail from a group of researchers based in France with whom we were collaborating. They had been somewhat obstructive about answering some important questions that I had put to them. In a fit of frustration I forwarded their e-mail to my boss and, what shall I say - "poured out my heart" about their manifest failings. I met my boss later that morning and asked if she had received the forwarded e-mail. She said she hadn't, which surprised me a little so, when I got back to my desk, I checked whether the message had gone. It had gone but, sadly, not to her. It didn't take me too long to work out that, instead of hitting the "Forward" button, I had hit the "Reply" button. I still cringe at the thought. :eek::eek:

 

J

 

I have made the same mistake myself and it was only afterwards that I discovered that the Recall button on emails doesn't work!

Link to comment
Share on other sites
bluemarble

bluemarble

Posted
Posted

I just received an "Emergency Notification Urgent" e-mail message from Cunard. It states:

IMPORTANT NOTICES

New Booking Number

 

Due to system issues, we will be issuing a new Booking Number for the booking referenced in this notification. Within 48 hours you will receive
a new Booking Confirmation with a new Booking Number. We ask that you please make note of the the new Booking Number for all future
communications.

 

We apologize for any inconvenience this may cause.

 

Thank you for your attention to this notification.

We did not receive the original e-mail with the spreadsheet attached, so I do not know if the information for our upcoming voyage on the Queen Elizabeth was disclosed. But Cunard is taking action to assign us a new booking reference number, presumably because of this incident.

 

Regards,

John.

Link to comment
Share on other sites
Louise D

Louise D

Posted
Posted
And one of the biggest problems with e-mail in general is that it almost seems as though it was subjected, at the initial design stage, to the influence of some malign intellect that made it just about the simplest communication medium ever invented with which to make major blunders. I will carry to my grave with me the memory of a bijou little incedentette a couple of years ago when I received an e-mail from a group of researchers based in France with whom we were collaborating. They had been somewhat obstructive about answering some important questions that I had put to them. In a fit of frustration I forwarded their e-mail to my boss and, what shall I say - "poured out my heart" about their manifest failings. I met my boss later that morning and asked if she had received the forwarded e-mail. She said she hadn't, which surprised me a little so, when I got back to my desk, I checked whether the message had gone. It had gone but, sadly, not to her. It didn't take me too long to work out that, instead of hitting the "Forward" button, I had hit the "Reply" button. I still cringe at the thought. :eek::eek:

 

J

 

It is amazing how often in my business I receive important information by email where the attachment might clearly relate to a different subject or the whole email might have been intended for someone of a similar name. As soon as it becomes apparent there is an error of some kind, I always inform the sender by reply, then delete the email. I think that is the general etiquette to deal with erroneous emails.

Link to comment
Share on other sites
capnpugwash

capnpugwash

Posted
Posted
It is amazing how often in my business I receive important information by email where the attachment might clearly relate to a different subject or the whole email might have been intended for someone of a similar name. As soon as it becomes apparent there is an error of some kind, I always inform the sender by reply, then delete the email. I think that is the general etiquette to deal with erroneous emails.

 

I agree and would do the same.

Link to comment
Share on other sites
Whitemarsh

Whitemarsh

Posted
Posted
Partial quote:

But Cunard is taking action to assign us a new booking reference number, presumably because of this incident.

 

Regards,

John.

 

The voyage personaliser has been offline since this happened, and is still offline now. My guess is that it will remain offline until everyone that has been affected receives a new booking reference number.

 

I think it's good that Cunard has done this, hopefully it will have prevented anyone's personal details being compromised.

Link to comment
Share on other sites
Norfolk Brit

Norfolk Brit

Posted
Posted
It is amazing how often in my business I receive important information by email where the attachment might clearly relate to a different subject or the whole email might have been intended for someone of a similar name. As soon as it becomes apparent there is an error of some kind, I always inform the sender by reply, then delete the email. I think that is the general etiquette to deal with erroneous emails.

 

Exactly.

 

Does anyone else feel sorry for the poor blighter, probably paid little more than the minimum wage, who pressed the wrong button and is probably having a miserable weekend?

 

Mary

Link to comment
Share on other sites
Cruachan

Cruachan

Posted
Posted
Exactly.

 

Does anyone else feel sorry for the poor blighter, probably paid little more than the minimum wage, who pressed the wrong button and is probably having a miserable weekend?

 

Mary

 

And tomorrow, probably increasing the unemployment figures by one!

 

J

Link to comment
Share on other sites
davyjones

davyjones

Posted
  • Author
Posted
Much as this is Cunard's error - was there not a disclaimer on the bottom of the email as below. Are you yourself not committing an offence by emailing people on the list ??

 

The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged

material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or

entities other than the intended recipient is prohibited. If you receive this in error, please contact the sender and delete the material from

any computer.

Carnival plc, a company incorporated in England, registered number: 4039524, registered office:

Carnival House , 5 Gainsford Street London SE1 2NE

VAT Reg No: GB 761 4300 58

 

 

Good idea - let's shoot the messenger rather than address the underlying security issues as to how Cunard et al guards access to our data.

Link to comment
Share on other sites
3rdGenCunarder "Live from...." Rare

3rdGenCunarder

Posted
Posted
And one of the biggest problems with e-mail in general is that it almost seems as though it was subjected, at the initial design stage, to the influence of some malign intellect that made it just about the simplest communication medium ever invented with which to make major blunders. I will carry to my grave with me the memory of a bijou little incedentette a couple of years ago when I received an e-mail from a group of researchers based in France with whom we were collaborating. They had been somewhat obstructive about answering some important questions that I had put to them. In a fit of frustration I forwarded their e-mail to my boss and, what shall I say - "poured out my heart" about their manifest failings. I met my boss later that morning and asked if she had received the forwarded e-mail. She said she hadn't, which surprised me a little so, when I got back to my desk, I checked whether the message had gone. It had gone but, sadly, not to her. It didn't take me too long to work out that, instead of hitting the "Forward" button, I had hit the "Reply" button. I still cringe at the thought. :eek::eek:

 

J

 

I did the same thing once. My boss passed on what was probably the 1,295,673rd incredibly stupid instruction/change of plan from an incredibly stupid client. I replied to her, complaining about all the problems this change would cause and was it really worth redoing so much work, etc etc. I could (and have!) said anything to this woman, as we've worked together for ages. But what I said in that email was intended only for her, not the client. But ... I hit "reply all," and she had cc'd the client. Fortunately, I hadn't been profane, just angry.

 

Ini the end, it turned out to be a good thing. My boss quickly got a call from the client, who said, "Wow, Kathy's really upset. I took a look at what we asked for, and we hadn't realized the problems we created with this change. Please disregard the change."

 

So sometimes, a little carefully (OK, carelessly) placed venting can be helpful.

Link to comment
Share on other sites
3rdGenCunarder "Live from...." Rare

3rdGenCunarder

Posted
Posted
I just received an "Emergency Notification Urgent" e-mail message from Cunard. It states:

IMPORTANT NOTICES

New Booking Number

 

Due to system issues, we will be issuing a new Booking Number for the booking referenced in this notification. Within 48 hours you will receive
a new Booking Confirmation with a new Booking Number. We ask that you please make note of the the new Booking Number for all future
communications.

 

We apologize for any inconvenience this may cause.

 

Thank you for your attention to this notification.

We did not receive the original e-mail with the spreadsheet attached, so I do not know if the information for our upcoming voyage on the Queen Elizabeth was disclosed. But Cunard is taking action to assign us a new booking reference number, presumably because of this incident.

 

Regards,

John.

 

We've got a booking on QM2, and I got this same email this morning.

Link to comment
Share on other sites
3rdGenCunarder "Live from...." Rare

3rdGenCunarder

Posted
Posted
Or as seems to happen in big business gets promoted.

 

David

 

No, I don't think so. Whoever did this was probably far below the screw-up line. I have a theory that, in business, there is a dividing line that I call the screw-up line. If you're below it, you screw up something, you're toast. BUT if you're above the line, you screw up and you get promoted. Alas, I never got above that line...

Link to comment
Share on other sites
Cruachan

Cruachan

Posted
Posted
No, I don't think so. Whoever did this was probably far below the screw-up line. I have a theory that, in business, there is a dividing line that I call the screw-up line. If you're below it, you screw up something, you're toast. BUT if you're above the line, you screw up and you get promoted. Alas, I never got above that line...

 

I agree entirely - in fact I was just going to post something along the same lines. So, I will just add a codicil to the 3GC law - once you are above the SUL, the bigger the screw-up the greater the promotion!

 

J

Link to comment
Share on other sites
3rdGenCunarder "Live from...." Rare

3rdGenCunarder

Posted
Posted
I agree entirely - in fact I was just going to post something along the same lines. So, I will just add a codicil to the 3GC law - once you are above the SUL, the bigger the screw-up the greater the promotion!

 

J

 

Soooo true! Just look at the CEOs of some of our biggest companies. :mad:

Link to comment
Share on other sites
turquoise 6

turquoise 6

Posted
Posted

I remember when (not that long ago) when passenger lists were given out before sailing according to class. eg,Cabin class...list of fellow passengers

It was found in the stateroom. I may have a few lists from s/s Constitution,

Queen of Bermuda, and Caronia (green)

It was fun and everyone looked at it to see who was onboard. No email address though ..

I don't see why the fuss is so big here. everyone who is on the internet has all of their info compromised anyway.

Why not sit back and enjoy the "Ocean Liner Life"

Link to comment
Share on other sites
Host Sharon

Host Sharon

Posted
Posted
Good idea - let's shoot the messenger rather than address the underlying security issues as to how Cunard et al guards access to our data.

 

 

I'm not trying to shoot the messenger or remove blame from Cunard's error. However, I still believe that using the information sent to you by mistake, to contact anyone on the said list was compounding said error. It should have stayed between you and Cunard, IMO anyway.

Link to comment
Share on other sites
davyjones

davyjones

Posted
  • Author
Posted
I'm not trying to shoot the messenger or remove blame from Cunard's error. However, I still believe that using the information sent to you by mistake, to contact anyone on the said list was compounding said error. It should have stayed between you and Cunard, IMO anyway.

 

Actually there isn't any disclaimer on either the initial or follow up email. It's not what I would call a 'Cunard' email at all - no pictures or links or formatted text.

 

I personally would be delighted if some honest soul pointed out to me that information I thought was private and confidential had been compromised.

 

As per the RBS/NatWest banking issue this weekend in the UK it is how you respond to a mistake that defines you. The initial email was sent on Friday at 22:30 GMT, the follow up around 2 hours later. So in theory Cunard knew they had an issue then. But clearly not enough of an issue till I and I assume a few others contacted them around 16 hours later and pointed out the error of their ways and the implications as the VP was closed down not long after.

 

DJ

Link to comment
Share on other sites
Basilon

Basilon

Posted
Posted
I'm not trying to shoot the messenger or remove blame from Cunard's error. However, I still believe that using the information sent to you by mistake, to contact anyone on the said list was compounding said error. It should have stayed between you and Cunard, IMO anyway.

 

I 100% agree. While you may be a honest soul why pass on information to an absolute stranger!:eek:

Link to comment
Share on other sites
Salacia

Salacia

Posted
Posted
whoops! Definitely meant inconvenience! Sorry about that.

 

Hi darrencantwait. Thanks for that clarifiation. But as to the data breach, think it might be more than an inconvenience. I did not receive the e-mail the OP mentioned, and I don't know how much personal information was made availabe due to the security breach, but this is a quote from http://boards.cruisecritic.com/newreply.php?do=newreply&p=34282203

 

"When you register we collect information which may include your name, address, gender, birth date and email address, your telephone number, special occasion dates, vacation and dietary preferences, health requirements, and passport and credit card information (cardholder name, card number and expiration date) as well as emergency contact information (the name, address and telephone number of someone not traveling with you who we can contact in case of an emergency. ("Profile Information") Information collected in the Voyage Personaliser may include Profile Information for yourself and those traveling with you."

 

Whenever I accessed Voyage Personalizer (VP) for my voyage(s), the above mentioned information was readily accessible. If this information was accessible to others, I would not only consider it inconvenient, but also alarming. But to repeat, I do not know the extent to which personal information was exposed. Cunard has not been pro-active in alerting passengers regarding the breach in security, or recommend what passengers need to do as a result of this breach.

 

BTW, as quoted from the above mentioned Cunard web page:

If you have any questions or comments regarding our Privacy Policy or our website, you can contact us at Cunard Line, Attn: Privacy Policy, 24844 Avenue Rockefeller, Santa Clarita, CA 91355, Tel. 1-800-7-CUNARD; Fax (661) 284-4747. This site is owned and operated by Cunard Line, Ltd. which controls any information submitted through this site.

 

 

Just as an aside, no one really knows how this security breach occurred. Hacking? A worm or virus on a Cunard employee's computer? A simple mishap that occured more than once? I doubt we will ever know, but we were warned:

 

"Cunard Line cannot guarantee the security of any information you transmit to us or from our site, and therefore you use our site at your own risk."- Copied from http://www.cunard.com/Legal--Privacy/Privacy-Policy/

 

-S.

Link to comment
Share on other sites
Salacia

Salacia

Posted
Posted
I don't have an active Cunard booking at the moment, but I'd be surprised if credit card info is accessible within the Voyage Personalizer. Is yours?

 

Underwatr, I don't have an active booking either (thankfully). I don't know what personal information might have been vunerable; I'm only aware of what was available to me when I accessed my Voyage Personalizer in the past (and as confirmed by my previous quote from the US Cunard website).

 

Having no desire to be one, I'm not a hacker. But I am aware of what can be done with an open window - which is why I am concerned about this security breach. Frankly, I'm more concerned about other issues since I only use one credit card and I regulary check charges to my account, and under the terms of agreement, I am not responsible for fraudulent charges on my credit card.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
  • Forum Jump
    • Categories
      • Welcome to Cruise Critic
      • New Cruisers
      • Cruise Lines “A – O”
      • Cruise Lines “P – Z”
      • River Cruising
      • ROLL CALLS
      • Cruise Critic News & Features
      • Digital Photography & Cruise Technology
      • Special Interest Cruising
      • Cruise Discussion Topics
      • UK Cruising
      • Australia & New Zealand Cruisers
      • Canadian Cruisers
      • North American Homeports
      • Ports of Call
      • Cruise Conversations
×
×
  • Create New...