I received a curious email today - an internal correspondence between a manager and some employees of a large Israeli travel agency, discussing a problem with billing some clients - including a screenshot from the internal ordering system, with the full details of a couple of credit cards, expiration dates, CVC numbers, personal details, etc. After the initial surprise, I guessed it was a typo error when filling the To: field in an email, and my name was autocompleted by mistake. I dealt with this agency once, about three (!) years ago, and so apparently was in the contacts list of the manager.
I responded with a somewhat cynical response informing about the mistake, and hoping that such a serious company would be more careful with my financial details as a customer. I received a quick response with an apology and an assurance my details are "out of reach of the systems' users". Oh, and the response began with - "Honorable DR,"...
Besides the humorous aspect, and the personal mistake made by the sender, such mistakes are inevitable, and are symptoms of the problem with the system, not the user. People will always make mistakes, and the design of the current email apps and the contacts autocompletion is that it is very easy to enter the wrong recipient - and hard to notice the error, especially when two people may have the same or similar names. Thus it is quite easy to sent some personal or sensitive internal communication to the outside world - and it's a mistake that might be impossible to undo. And in the specific case described above - I wonder why would my email even be in the autocompletion list, after a short communication three years ago?
Some solutions exists, but aren't sufficient or widespread at the moment.
One is to completely separate internal and external networks - to reduce the chance for information leak. This is used in security related organizations, but is very difficult to justify in most situations as internet access is critical in today's workspace. And it still does not prevent from sending an email to the wrong person in the organization (I remember quite a few such cases from my own service, ranging from highly classified information to very intimate conversations being misdirected).
A much more productive direction is for the system to give the sender a lot more information about the intended recipient, making spotting a mistake very easy at a glance - a thumbnail picture (like when sending a message in Facebook, also possible for internal organizational users), his/hers role or company name, and perhaps an infographic of how frequently are you communicating with that person.
I don't remember at the moment, but I read of some start-ups who have a product that enriches the email interface with lots of useful information about the recipients. And there's a Google Labs experiment called "Got the wrong Bob?" that tries to warn you if you choose a wrong recipient based on your usage patterns.
If you know of any existing solutions for this being employed, or have similar stories - you are welcomed to share...