Security firm trashes customer e-mails

E-mail scanning provider GFI accidentally deletes thousands of messages while updating systems.

2 min read
An e-mail security scanning company has accidentally deleted thousands of its customers' e-mails.

GFI, a Microsoft "gold certified partner," is offering free upgrades to all its customers, after it trashed their e-mails by sending out incorrect update information.

According to GFI, the problem occurred because of a change in BitDefender's technology, one of the products that GFI uses for its e-mail scanning.

"Unfortunately, some changes had been made to BitDefender," said Angelica Micalleff-Trigona, public relations manager at GFI. "We were not aware of this, and we did not foresee this problem. We are deeply sorry for what happened. It took us by surprise."

When the GFI MailSecurity update mechanism tried to install BitDefender updates on customer networks, the service started to delete all e-mails by default. BitDefender and GFI then rolled back the updates.

"We've learned our lesson," a BitDefender representative said Thursday. "From now on, we'll try to give more support to our integration partners. The other companies that integrate our scanning engine did not have the same problem."

A ZDNet UK reader affected by the problem said a GFI salesman told him that the update had not been tested.

"We were pretty surprised this morning to find that all of the e-mail which arrived overnight had been deleted," wrote Jeremy Whiteley, chief executive officer at Promarketing Gear. "Even more troubling was the fact that, according to GFI's U.S. sales manager, they released this update without testing it! I guess they expect me and my IT staff to play the role of tester, regardless of the cost to my business?We're reconsidering our reliance on GFI going forward."

GFI denied not testing the update, but apologized for the blunder and has promised all customers a free upgrade to its MailSecurity 9 product, which is available in two months' time. The company has also released a tool that can tell customers which e-mails were deleted and when.