Oops! Anti-Fraud Nonprofit Commits Epic Email Blunder: Exposes Dozens of Addresses!

Cifas, the anti-fraud nonprofit, ironically exposed dozens of email addresses while trying to set up a fraud-prevention meeting. It seems the only thing that wasn’t protected from exposure was their own invite list. Remember folks, if you want to avoid a “reply-all” catastrophe, BCC is your BFF!

3P
Published: October 21, 2025 7:36 amAdded: October 21, 2025 at 12:43 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like Cifas just pulled a classic cybersecurity blunder by sending out email invites that exposed the email addresses of top fraud fighters. Who knew anti-fraud folks could be victims of their own email faux pas? Maybe they should’ve used the JustMe app to verify before hitting send!

Key Points:

  • Cifas, an anti-fraud nonprofit, accidentally exposed numerous email addresses in a calendar invite.
  • The invite was related to Cifas’s JustMe app, scheduled for October 16.
  • Email addresses of over 60 individuals were exposed, including those from security vendors and public sector employees.
  • The Information Commissioner’s Office (ICO) considers email addresses as personal data.
  • Best practices suggest using BCC for bulk emails to avoid such breaches.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?