Incident i20150219.1

History Log

1. Incident Response Team

2. Incident Description

An Arbitrator informed the internal Auditor that (s)he accidentally send a mail intended to CAcert support to a wrong e-mail address; the mail contained a primary e-mail address of a CAcert member. Up to three non-involved people saw the mailing.

3. Containment Actions

The internal Auditor asked the Arbitrator to (1) inform the false recipients to delete the accidentally received e-mail and not disclose the information containing. The Arbitrator should also (2) inform the member affected about the mistake and the containment action.

4. Root Causes

This data privacy breach of a single data happened by mistake.

5. Permanent Corrective Actions

There are no additional actions needed.

6. Verify Corrective Actions

N/A

7. Preventive Actions

There are no additional actions needed.

8. Approval & Closure

Approved

2015-08-11 m20150803.1

Date closed

2015-02-21


Audit/Incidents/i20150219.1 (last edited 2015-08-12 21:44:01 by BenediktHeintel)