Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

NHS Email Blunder Spams Health Service

An NHS worker accidentally sent an email on Monday morning to everyone in the health service, causing knock-on delays and inbox misery at the start of the week.

As soon as the message went out to around 840,000 NHS employees, many apparently exacerbated the problem by hitting “reply all” when responding to say they shouldn’t have received the email – further spamming inboxes.

An NHS Digital spokesperson admitted in a statement that “a number” of accounts had been operating “slowly.”

“This was due to an NHS Mail user setting up an email distribution list, which inadvertently included everyone on the NHS Mail system. This was not the fault of the user and was due to a bug in the supplier's system,” they added.

"As soon as the issue was identified, our supplier disabled the distribution list so that no-one else could respond to it. We anticipate that emails sent before the distribution list was disabled will soon stop being received and that the issue will be resolved."

Dan Sloshberg, cyber resiliency expert at email security firm Mimecast, claimed that today’s dependency on email means that any outages or delays can have a huge impact on employee productivity.

“This NHS email overload highlights that human or technical error is unavoidable and organisations must plan accordingly,” he added.

“Organizations need a cyber resilience strategy to ensure productivity is not lost and employees can continue working even when an incident occurs – whether it was caused by external cyber-criminals or unintended internal errors.”

Email blunders like this are far from rare.

Last month, the president of US publisher Barron’s accidentally hit “reply all” on a confidential email and let slip plans to lay off staff to the entire Wall Street Journal newsroom.

And last year, a hapless member of the G20 staff accidentally emailed the personal details including passport numbers of 31 world leaders attending the summit in Brisbane to the organizers of the Asian Cup football tournament.

What’s Hot on Infosecurity Magazine?