= Incident i20150219.1 =
  * Incident Number: i20150219.1
  * Status: closed
  * Incident Manager: BenediktHeintel
  * Date of incident opened: 2015-02-21
  * Date of incident closed: 2015-02-21
  * Incident title: Data Privacy Breach


== History Log ==
 . 2015-02-19: Incident i20150219.1 created
 . 2015-02-20: Containment action 1 send to incident causer
 . 2015-02-21: Incident documentation [[Audit/Incidents/priv/i20150219.1|private part]]
 . 2015-02-21: Containment action 2 send to incident causer
 . 2015-02-21: Ask Committee for Incident approval

== 1. Incident Response Team ==
 . Internal Auditor

== 2. Incident Description ==
An Arbitrator informed the internal Auditor that (s)he accidentally send a mail intended to CAcert support to a wrong e-mail address; the mail contained a primary e-mail address of a CAcert member. Up to three non-involved people saw the mailing.

== 3. Containment Actions ==
The internal Auditor asked the Arbitrator to (1) inform the false recipients to delete the accidentally received e-mail and not disclose the information containing. The Arbitrator should also (2) inform the member affected about the mistake and the containment action.

== 4. Root Causes ==
This data privacy breach of a single data happened by mistake.

== 5. Permanent Corrective Actions ==
There are no additional actions needed.

== 6. Verify Corrective Actions ==
N/A

== 7. Preventive Actions ==
There are no additional actions needed.

== 8. Approval & Closure ==
|| '''Approved'''    || 2015-08-11 [[https://community.cacert.org/board/motions.php?motion=m20150803.1|m20150803.1]] ||
|| '''Date closed''' || 2015-02-21 ||

----
 . CategoryAudit
 . CategoryIncident