Let’s Encrypt Accidentally Leaks Some E-Mails

OOOPS!

Let’s Encrypt, the non-profit Certificate Authority (CA) that helps website administrators switch from HTTP to HTTPS quickly and effortlessly, has accidentally leaked 7,618 email addresses of its users.

“Backed by the EFF, Mozilla Foundation, and several others organizations, Let’s Encrypt made some welcome security choices when it hired outside experts to conduct a security review of its software and the protocol it uses for automatic certificate issuance and management, and issued its first transparency report even before issuing its first certificate. Still, no one is immune from making mistakes. In this case, the mistake seems to have been the result of bug in the automated system used to send out email to active subscribers.”

Details may be found at https://www.helpnetsecurity.com/2016/06/13/lets-encrypt-leaks-email-addresses/.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s