7 Exercise Tips How to Stream 'Rabbit Hole' Roblox's AI Efforts 9 Household Items You're Not Cleaning Enough Better Sound on FaceTime Calls 'X-Ray Vision' for AR 9 Signs You Need Glasses When Your Tax Refund Will Arrive
Want CNET to notify you of price drops and the latest stories?
No, thank you

FTC settles e-mail privacy probe

Drugmaker Eli Lilly , which unintentionally disclosed e-mail addresses for hundreds of people, agrees to beef up its existing security, but the settlement does not include fines.

The Federal Trade Commission said Friday that it has settled a privacy investigation into drugmaker Eli Lilly's unintentional disclosure of e-mail addresses for hundreds of people.

The FTC said Eli Lilly violated its online privacy policy during the incident. The company has agreed to beef up its existing security and to create an internal program to prevent future privacy violations.

The company does not face fines because the incident was unintentional and not a clear case of fraud, J. Howard Beales, III, director of the FTC's bureau of consumer protection, said during a press conference.

The privacy incident occurred last June when an employee accidentally sent an e-mail to 669 people with all of their e-mail addresses included in the "to:" line. The message announced the discontinuation of the company's Medi-messenger service, which allowed people taking the anti-depressant medication Prozac to create automated e-mail reminders.

The FTC alleged that Eli Lilly failed to implement safeguards to prevent these types of privacy and security breaches. The agency also said the company did not provide adequate employee training to prevent these situations from happening.

"They made a promise which we understood to mean that Lilly employees measure and take steps to protect privacy," Beales said. "They didn't take the measures and steps."