HomeMobile PhonesEssential accidentally leaked customer data over email

Essential accidentally leaked customer data over email

Essential Phone

Essential has landed itself smack-dab in the middle in a customer service nightmare which has raised a lot of questions about the handset maker’s credibility. The company recently sent out an email to its customers asking them for ID proof and other details, but made an error which resulted in the replies getting shared with everyone on the email chain.

This colossal mistake first came to light via a Reddit user who posted the entirety of the email to the site. As per the missive, Essential’s order review team required additional verifying information to complete orders, asking customers to email the company their alternative email, phone number, and photo ID like their passport or driver’s license.

The poster claims he soon began receiving replies from random customers, though he noted that most were cancellation requests. Many Redditors assumed that this was a phishing scam, but Essential later confirmed that the email came from them.

Also See: Essential Phone finally goes up for pre-orders

Essential CEO Andy Rubin claims that roughly 70 customers unknowingly shared their personal information with the others on the chain. He’s now apologizing for the mishap, calling it humiliating and offering a year’s worth of LifeLock subscription and a free Essential Phone to the affected clients. The company has since disabled the misconfigured account to stem the flow of emails.

Essential has also promised to invest more heavily in its infrastructure and customer care. However, Rubin’s blog post doesn’t directly address the fact that his firm thought it was appropriate to ask for a customer’s ID proof over email. Companies typically don’t ask for such sensitive information through the medium given the security risks involved.

Moreover, people are routinely advised to never give out personal data over email since it’s more often than not a phishing scam. The fact that it’s not in this case is pretty surprising and raises questions about how safe a user’s data will be with Essential.