Can Boards please confirm if there was a data breach in users email addresses being publicly exposed on the website? I have seen a post where a user has mentioned that they were able to see another users email address on their profile.
Maybe they had the following setting ticked in the 'Edit Profile' page? Although I'm not sure if that means it becomes visible only on your profile page or on posts too etc. Not going to tick it to find out. 😂
Why on earth would such an option even exist in this day & age? I can only hope to god it is turned off by default, mine is off but I can't remember if I done that or not when the changeover happened.
I don’t think any right minded person would click on that.
An official response will be interesting. I’ve read that one poster was able to find a users full identity and LinkedIn profile from a displayed email address on his boards.ie profile.
But that’s surely on that poster for being dumb and turning on that option?
Thats hardly boards’ issue
What!!!!!!
This is unbelievable. How the hell do I navigate the site to make sure no one can see my e-mail address.
If you go to your profile there's an option after you're e-mail address to make it private....hurry!!!
Is it possible on the touch site?
Yep, it is.
Unless it was on by default, or off and it showed anyway like he alluded to above...
They went with the lowest bidder and picked a company, outside the EU, that took days longer than promised for a relatively simple data transfer and doesn't work weekends even when they have left a client with no website.
If our data isn't already being flogged by hackers on the dark web it will be very very soon.
Where did you read this?
Over in AH.
Right Jeffkenna, I think mine is ok but would you mind trying to look at my profile to see if you can see my email + please let me know!
This really is disgraceful. Thanks.
On my profile, it is an opt in box, not an opt out. Its a burner account so doesnt matter.
My email address is identifiable to me.
I used it because when I signed up with boards originally my email address wasn't up there in public, only held by administrators which is grand.
However it is actual a GDPR breach if the conditions are changed from what you originally signed up to and exposing your email address for everyone to see on boards it a GDPR breach and not what I originally signed up for!
You are meant to be notified if your personal information is going to be storaged differently in anyway and I got no notification from boards!
I'm looking into reporting this data breach although if country outside EU I don't know if data commissioner can do anything but I'll enquire anyway.
It just comes up as no permission to see profile.
Your profile is set to private and not viewable by anyone. Your email address is only viewable to you when you look at your own profile, not viewable to others, unless you choose to make it visible by ticking the box
With respect, you don’t know what you’re talking about.
Thanks for your help, Jeff I changed it to private following your steps so I know now I'm sorted!
In fairness the whole new set up of boards has been an absolute mess with bugs everywhere for some people.
In some cases this box might have been actived by mistake for people or they clicked it by mistake been unfamiliar with new layout.
Nowhere was it explained to people with change over that they now need to be careful that their email address wasn't open for everyone to see!
That's exactly why I'm not on Twitter or Facebook!
Given the absolute mess the site is in, it would not surprise me if there was a window during development that email addresses were exposed.
But you’ve zero proof?
it’s an opt in to display your email
and if it was enabled by default on some profiles?
There's been no evidence put forward that has actually happened to anyone so at the moment this is just unnecessary scaremongering. If you find some evidence, PM it to me and I will open the thread again.
Just read the thread.
Locking up that tread @Fr_Dougal was a load of bollox by @Mickeroo. The whole premise of the thread was to get Boards to clear up the uncertainty surrounding the issue for some users.
Given the condition the site is in (and was in), it was a very valid and pertinent question. The answer of which would have gone a long way to alleviate any user concerns, @Mickeroo has undermined that and made it look like there's something to hide.
Locking it up while accusing the OP of scaremongering and demanding proof from the OP is ridiculous. The OP had no proof, hence he was requesting Boards input, ridiculous call by @Mickeroo.
People have lost faith in this place, locking threads with genuine queries under the guise of trouble making doesn't help @Mickeroo
It remains a valid and unanswered question, was there a time when email addresses were default accessible to all?
If not, then great but don't dissmiss the query and lock the thread because you don't have an answer.
What's the name of that AH thread?
https://www.boards.ie/discussion/2058199626/has-the-1-week-downtime-move-to-vanilla-killed-this-place/p10
...
I believe in full transparency, now more than ever. It’s the only way our users will trust us. On July 15th, I was able to view the email address of a Boards user who had just been banned. Instead of going to see who else’s email address I could potentially view, I immediately sent a PM to Mark, and he immediately acted upon my report. CC @Mickeroo as the admin who acted upon the report along with @Fr_Dougal and @ReginaldSmythV and @Leg End Reject as and @Signore Fancy Pants as complainants.
I suppose I should clarify that I was talking about being able to see them as a feature as opposed to through a bug. Either way, I've never seen anyone's email address before or after the migration.