Steve's Ramblings


Corporate America is failing basic email security

Filed under: Uncategorized — sriggins @ 2:23 pm

My Dominos pizza order is about to be delivered.  My AT&T bill is due.  The problem is, I didn’t order pizza from dominos and I had already paid my AT&T bill.

Neither Dominos nor AT&T verified supplied customer email addresses. Both times, a user entered the wrong email address, an email address that belongs to me.  The email address is similar to their email address, but they clearly mistyped the address and now their web browser has stored the incorrect email address in their form auto fill preferences.

The real problem, however, is that these companies did not do what even basic open source forum software does – verify your email address.  If Dominoes or AT&T had, the verification email would have come to me and I would have rejected it.  Then when the user logged back into their account, they would be notified that the email address was rejected.

Apparently, these companies just accepted the email address and went on with life.  Now these people are not getting their bills from AT&T.  Even worse was Dominos.  I not only received an email verifying a customer’s delivery order, the email contained the customer’s home address and phone number.

This was an egregious violation of security.  I emailed Dominos and received a reply that was less than acceptable.  I don’t think they understand why sending out personal information to an unverified email address is not ok.

Do you know of any other companies that don’t verify email addresses?



Leave a Comment »

No comments yet.

RSS feed for comments on this post.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at

%d bloggers like this: