IKEA inadvertently exposed over 400 email addresses due to human error

• The company has sent out an apology email to all its customers after the incident.
• The firm made another mistake by sending half the recipients an internal draft of the apology notice.

Swedish furniture giant IKEA has accidentally exposed over 400 email addresses to other customers due to a human error. The company has sent out an apology email to all its customers after the incident.

What happened?

A spokesperson for IKEA Singapore revealed that the incident occurred on August 1, 2019. It made an error of inserting 410 individual email addresses in the ‘To’ field in an IKEA service delivery promotion email sent to other customers. This made the email addresses visible to all recipients of the mailers.

In its haste to send notifications to the customers about the incident, the firm made another mistake by sending half the recipients an internal draft of the apology notice.

"In our haste to notify the customers as quickly as possible, we again made a mistake by sending half the recipients an internal draft of the apology notice instead, an oversight that we are embarrassed about," IKEA said, The Straits Times reported.

How did the company respond?

IKEA claims to take customers’ personal data integrity seriously. It notified the Personal Data Protection Commission of Singapore (PDPC) regarding the incident.

The bottom line

This the third breach by retailers in two weeks. Last week, international beauty retailer Sephora said it suffered a data breach that exposed the personal information of online customers in South Asia countries like Singapore, Malaysia, Indonesia, Thailand, Philippines, New Zealand, and Australia. Apart from this, electricity retailer Geneco is being investigated by the PDPC for exposing the email addresses of more than 350 of its potential customers.