Swedish furniture giant Ikea has apologized after accidentally disclosing over 400 email addresses of Singapore customers in a promotional mailer last week.
At about 5pm on Thursday, the company inserted all that data into the “To” field of its service delivery promotion email before sending it out to customers, making all the individual email addresses visible to anyone who received it.
The embarrassment didn’t end there for Ikea, which then promptly sent a draft version of its apology to about 200 people as it rushed to salvage the situation.
“In our haste to notify the customers as quickly as possible, we again made a mistake by sending half the recipients an internal draft of the apology notice instead, an oversight that we are embarrassed about,” an Ikea spokesperson told Coconuts Singapore in a statement.
“We sincerely apologize for causing our customers unease and inconvenience with the email oversight,” it added.
Ikea also said that it has notified Singapore’s privacy watchdog — the Personal Data Protection Commission (PDPC) — of the error and that it would look at implementing ways to prevent a recurrence in the future, such as reviewing its procedures, technology, and training.
Last week, beauty retailer Sephora admitted to disclosing the data of online customers in countries including Singapore, Indonesia, Thailand, and Malaysia.
Personal information that may have been exposed to unauthorized third parties included the customers’ first and last names, dates of birth, genders, e-mail addresses, encrypted passwords, and beauty preferences, reported The Straits Times, adding that no credit card information was accessed.
Sephora did not reveal the number of customers who had been affected by the breach.
In a statement to Coconuts Singapore, the PDPC said that it has been informed of both incidents and is looking into them.
Related stories:
Singapore govt to review how it handles data after one too many data breaches
Red Cross website hacked in latest Singapore cyber attack
Reader Interactions