The private e-mail addresses of several hundred customers of Waltham, MA-based Pixily were accidentally shared with other customers Saturday in the aftermath of an Internet routing snafu that left many users unable to reach the document-scanning service for several hours.
The breach, in which names intended for the “bcc” line of a customer service e-mail explaining the routing problem were put into the “cc” line instead, was the result of “human error,” according to Pixily co-founder and chief product officer Anand Rajaram.
The shared data included e-mail addresses only, and involved only a small fraction of Pixily’s customer list—not the entire list, as Fidelity Ventures’ Larry Cheng posted on Twitter today.
“We view customer security and privacy extremely seriously, and we have a level of trust with the people who use us,” Rajaram told Xconomy. “Our customers have been pretty supportive [about the problems] so far.”
In his own tweet this afternoon, Pixily CEO Prasad Thammineni said the e-mail system used to send out the customer service alerts was not the same one used to communicate with customers about their confidential scanned documents. “[The] entire management is in the office to address this issue and to make sure it does not happen again,” Thammineni wrote to Xconomy.
Update 10:45 pm 7/11/09: Pixily has posted an entry on its company blog (and a comment on this story, see below) apologizing for the e-mail error. The post says that the company will automate customer service communications in the future to eliminate the possibility of human error, and it is offering affected users one envelope’s worth of free document scanning.
