How MTT leaked its customer base

An MTT employee carelessly attached to a mass mailing, instead of the commercial offer, the list of email addresses of the 13 thousand client companies the mailing was intended for.

Big companies are big problems


Recently I had occasion to put a grenade into the hands of a monkey; it was so scary that I had to quickly sketch out a separate configuration in 1C so that at least it would not explode so badly, if anything... And then I get a letter, look at it and am simply touched: how can it be that more than a dozen years have passed and things are still where they were - we hammer in nails with a microscope!

Background

We have large companies that let ordinary mortals and companies get a clean city number in 2 clicks and land it over SIP; one of these companies is MTT. The whole charm is in the transparency of such a number: a contractual relationship and an explicit link to the subscriber (as opposed to cheap operators, where it is sometimes unclear how the number is landed). So I first became a corporate client, and then a client as an individual.

We are a big office - we want to eat a lot!

Have you ever found that to get one service you need to buy an elephant?
Here it is. There is a number, but to use it you have to pay for a virtual telephone exchange. Those who know what this is about will understand me perfectly: the company that lands the number for a month sends calls to your endpoint, but does so only over the "toll motorway", that is, the virtual PBX. For many, the thing is completely superfluous, and the money is decent - the equivalent of 5-10% of the minimum wage.

Nobody forbade breathing, but the air had to be paid for!

Even in times of greater abundance of money, we often paid for air and agreed to it. Then the first crisis came, then the second; companies began to run short of money, and the air was sold at a higher price. So the unnecessary elephant became more expensive for end users. In my head, of course, I formed an approximate picture of the processes of a large company with large expenses for development, coordination of projects and the like - there seemed to be a rationale for raising the price of air. Not to say that I believe in fairy tales, but I always want to believe in something good. I believed again.

When there is not enough money for air

However much you work, you always work for the system. Sometimes the system has to be changed so that more money is left for yourself; there are other companies that provide a no less "white" connection to the telephone network, but at tastier prices, or more precisely without forcing you onto toll roads. So the big company becomes unnecessary and is forgotten...

Dear Subscriber!

“We certainly want to keep you informed of all our changes despite the fact that you have not been using our services for a couple of years now” - this is how tons of letters appear in our inboxes. Just like that. I am constantly immersed in some project and look through these letters to get a rough idea of which company has what problem and how it reacts: every letter was provoked by something, and often there is useful information between the lines on the topic “what happened in the world while you, like an ostrich, had your head buried in your project”. This time there was no such information. They forgot to attach it.

We are all humans


In the next newsletter, they forgot to attach a document that they asked to read ... Although, no!
They didn’t forget, but mixed it up - they attached the wrong file. Well, the person was mistaken. Anything can happen.

The non-obvious became apparent

Wait, who was wrong? How wrong? But what about personal data? What about security? Is the security service already disbanded?

Rails of large companies

For the most part, large companies live solely on the fact that all processes are put on rails and run reliably. If it is recruitment, it is a conveyor. If it is a machine, then it runs from morning to evening on a single part, each of which must be checked by a quality control officer. Only in this way are failure-resistant systems and companies built.

And we live in Russia!

We do not have money for laying rails; we constantly spend on something, but not on what is needed - a fact.
That is why there are holes in the roads, why we have couriers from among students with discounted travel cards, why they put lanit at the stops one summer and asphalt again the next, as if throwing out the unnecessary lanit - this is an example of how and where the money goes that was initially, quite reasonably, obtained for the task.

Testing? - No, I have not heard!

“Never hear, guys, never check whether the result matches the plan!” - only such an instruction from the boss can explain what regularly happens.
Think for a moment: a large company organizes mailings for its customers. To accomplish this task, you need a list of customers and the information to be conveyed. In addition, a large company handles personal data, so it must comply with a number of laws, establish clear rules for dealing with such data, and the like.
Also, it would be nice to send a test letter to yourself as a check, to verify that everything looks as it should and contains nothing superfluous; lawyers, properly, should read it and say “allowed” before a mass mailing. The security service, for its part, must say yes. And this is not bureaucracy - these gears turn very quickly and imperceptibly if the system is on rails. But yes... we are in Russia.

A little about what is sore and pressing in this world

Remember the years 2000-2004: computers were only just becoming widely used, Internet was actively being laid in our offices and homes, there were few IT infrastructures and everything was only getting on its feet. Back then I could imagine a secretary who keeps a file with subscribers' data and does the newsletter manually, if necessary.
10 years have passed. We have large databases, entire systems that allow us to process and manipulate information in any way and, most importantly, to control access, protect private data and the like. Now imagine that all of this exists, a lot of money was spent on it, and then we take this expensive microscope and with all our strength hit the nail head that sticks out of the wall after the builder's work - everything goes in the trash.

How it could be done and how it was done

Warning: I am not an employee of MTT. I am an ordinary mortal of this world, capable of perceiving and digesting information and drawing conclusions from my experience; I have recreated one of the possible variants of the incident, which I am sharing with you.

- Store all customer data in a centralized database. That is what was actually done.
- Solve the task of informing customers centrally. That was so: there is a certain system that did the newsletter.
- Create the list of recipients centrally. That was done too, I do not argue.
- Hide the addresses of real recipients from any operator. No, that was not done. Employees operated with "bundles" of recipient addresses - the very "Excel" files with recipient lists.
- Agree on the contents of the newsletter. No, this was not done in any way. Moreover, there is an opinion that there are no procedures for coordinating such a distribution. Nobody signs off with "complies with the law / safety rules / legally permissible" and so on.
- Send the newsletter to a test address - for control. This was not done either: everything is urgent with us, it must be done "yesterday", so we do everything at once in combat mode. Well, the truth is, why spend half an hour of time checking, rechecking and approving, if you can have a break, recall a newsletter (still make a newsletter). Anyway, we are not afraid of any bears, or sanctions, or laws, or bosses - they will not give a bonus anyway, will trample my proposal, and will even make me the one to blame.

What happened


I think this will flash briefly somewhere in the news; I have tried to convey the key point, that we are responsible for everything we do. It was not the company that made the mistake through which information about a little more than 13 thousand subscribers became available to 13 thousand (and then to the whole world); quite specific people performing their duties made the mistake: someone through simple negligence, neglecting the work, someone lacking the will to object and prevent the system from being operated without modification. Some of the bosses are overly self-confident and cannot listen to subordinates. We have such a culture - to work on the principle of "leave me alone". That is what we need to change if we want to change at least something for our generation and our children. I sincerely believe that if we stop doing things "badly", nothing bad will happen; at most we will lose our jobs, our companies, some of us chic cottages and tons of kickbacks, but the most important thing is that the less low-grade garbage we produce in our lives, the more really good work is appreciated. Every time we do something anyhow, we give no chance to those who do it well - hack-workers undercut the market of professional specialists, pushing our world to chaos. By the way, I must say thanks to the state for laws that somehow restrain this chaos from the idiots living among us.

So, if you happen to be an MTT client as part of your magic service, you will receive a letter containing a file with e-mail addresses, among which will be yours. This is the very file that the operator manually uploads to the system in the "distribution list" field. Somewhere nearby he was supposed to attach another file - the appendix to the letter with the news the company was in a hurry to announce. Everything was done so stupidly by everyone: the system allowed this to go through, the operator did not pay due attention (not even the file names were read as a check), and finally the lack of any control of the result before mass sending allowed the rocket with the monkey to launch into space, handing it a nuclear briefcase for another attempt to destroy earthlings.
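
The controls listed above as missing (no check of what is attached, no sign-off, no test send) can be enforced by the mailing system itself before anything goes out. A sketch of such a pre-send gate, added here as an example and not MTT's code; the `Campaign` fields, the approval roles and the five-address threshold are assumptions, and the sample data is constructed:

```python
import re
from dataclasses import dataclass, field

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
REQUIRED_APPROVALS = {"legal", "security"}  # assumed sign-off roles
MAX_ADDRESSES = 5  # assumed limit: an offer may carry a few contact addresses

@dataclass
class Campaign:
    recipients: list          # addresses resolved from the distribution list
    attachments: dict         # filename -> raw bytes
    approvals: set = field(default_factory=set)
    test_send_confirmed: bool = False

def extract_emails(data: bytes) -> set:
    # Plain-text scan; compressed formats such as .xlsx must be unpacked first.
    text = data.decode("utf-8", errors="ignore")
    return {m.lower() for m in EMAIL_RE.findall(text)}

def preflight(c: Campaign) -> list:
    """Return the reasons to block the send; an empty list means go."""
    problems = []
    recipients = {r.lower() for r in c.recipients}
    for name, data in c.attachments.items():
        found = extract_emails(data)
        if len(found) > MAX_ADDRESSES:
            overlap = len(found & recipients)
            problems.append(f"{name}: {len(found)} addresses in attachment, "
                            f"{overlap} of them are campaign recipients")
    missing = REQUIRED_APPROVALS - c.approvals
    if missing:
        problems.append("missing approvals: " + ", ".join(sorted(missing)))
    if not c.test_send_confirmed:
        problems.append("test send to the control address not confirmed")
    return problems

# Constructed sample data: 20 fake clients and the two files an operator handles.
CLIENTS = [f"client{i}@example.com" for i in range(20)]
LIST_FILE = "\n".join(CLIENTS).encode()
OFFER_FILE = b"New tariffs from 1 March. Questions: sales@example.com"

if __name__ == "__main__":
    wrong = Campaign(CLIENTS, {"clients.csv": LIST_FILE})
    right = Campaign(CLIENTS, {"offer.txt": OFFER_FILE},
                     {"legal", "security"}, True)
    print(preflight(wrong))   # three blocking reasons
    print(preflight(right))   # empty list: cleared to send
```

The check looks at attachment content rather than file names, so a recipient list renamed to look like an offer is still caught.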
