A single challenge registration confirmation email was CCed to everyone who entered, handing over a complete email list in the process. The BCC failure gaffe was brought to our attention by a Reg reader who questioned the mistake, a violation of the challenge's privacy policy. He received a reply blaming "human and administrative error" for the cock-up, so we can rule out the possibility that the CC to BCC error was somehow part of the forensic challenge itself.
Of course, this was a trivial mistake and no real harm was done, but people are entitled to hold the Cyber Security Challenge team to a higher standard of security aware behaviour than would otherwise be the case.
In a statement, the organisers of the challenge apologised for the minor snafu and promised to review their procedures to prevent a repetition of the incident.
An administrative error this week resulted in some competitors email addresses being copied rather than blind copied in an email. We apologise to anyone who was affected by this mistake.We immediately set in motion a review of our processes and are actively seeking to minimise the risk of any further errors.
The email, which was sent on Monday, contained 370 unique email addresses. ®