Please see the end of the article for the update and resolution.
Are you a customer of MaxCDN? Did you receive an email spam earlier this week from Lisa Freese and Catchpoint? Those two points, odd as it may sound, are related.
I’ve explained before how I use Google Apps and its catch-all ability to generate a unique email address for each site I sign up with so I can label it and filter it easily. If I start receiving spam, I will know where my information was leaked from. Unfortunately, that was the case earlier this week when I received a Catchpoint spam campaign to the email address I use for MaxCDN.
Not only does the message prove Catchpoint now has my email address, but they also have my first name to go along with it. That leaves me, as a customer, feeling vulnerable, violated, and worrying what other information I registered with MaxCDN has been sold, hacked, lost, or given away.
MaxCDN Will Not Sell Your Personal Information. MaxCDN keeps all your information confidential.
MaxCDN, LLC. demonstrates its commitment to our customers’ privacy by providing this statement. We will do everything in our power to ensure your right to privacy. We are committed to developing long lasting relationships that are built on trust. MaxCDN will never violate that trust.
Well, you see the value of MaxCDN’s word and how much they are committed to those long-lasting relationships.
We can already see that MaxCDN and Catchpoint are buddy, buddy. Maybe they didn’t sell the information, just let Catchpoint borrow it or gave it to them for free (sold for $0?). The second line about keeping the information confidential was still broken, no matter how you slice it.
I began to wonder if I was special or if other MaxCDN customers received this unsolicited message. A quick look on Twitter showed another asking the same question with the spam message setting off the same tripwire.
So, I join the chorus asking for answers.
I woke up to this email, also to my MaxCDN email address, confirming MaxCDN’s tie to the e-mail:
I redacted the MaxCDN and my domain whois email address.
“First off I would like to say that I am sorry that you received our emails of information.”
Why did I receive an apology email? Why are you sorry that I received the spam? Was it not intentional? If it was intentional, then you can apologize that it was perceived as spam. If it was unintentional, then you can apologize that your systems were breached. The apology could be that MaxCDN made the decision to spam its customers. The apology could be that MaxCDN didn’t notify its customers ahead of time that they would be periodically emailing them to “educate and inform our audience on the latest trends happening in web performance.”
Do I trust the company that they didn’t sell or give away my information? Does that mean MaxCDN (a brand from NetDNA) just spammed its customers on behalf of CatchPoint? There was no ‘Unsubscribe’ link provided at the bottom of the CatchPoint email as stated in the CAN-SPAM Act compliance guide for businesses from the FTC.
If you are a MaxCDN customer, how do you opt out of these emails? I guess you post to Twitter and let all your followers know that MaxCDN sold your information/spams you on behalf of “partners”. You may also try e-mailing Mr. Kareem Ghanie and ask to be removed.
I had been a happy MaxCDN customer up to this point. In fact, I just renewed the service for another year. When it comes time to renew next year, I will be considering other CDNs.
I have received two different responses – one from MaxCDN and one as a result of Catchpoint looking into the issue. This mixed message came as a result of a third-party company that works with both MaxCDN and Catchpoint, mixing the distribution list and the messages so Catchpoint customers received MaxCDN’s message and MaxCDN customers received Catchpoint’s message. Here is the e-mail I received from Channel Business Development, the third-party company.
I wanted to clarify a recent email that you received from Catchpoint Systems. I am the CEO of Channel Business Development, we are a business development company and presently we work with both NetDNA and Catchpoint in business development. I mistakenly sent you an email from Catchpoint when I meant to send you one from NetDNA. I apologize for any confusion that this has caused you. This was 100% my mistake and was not meant to reflect poorly on either company. Your contact information has not been shared and this will not happen again.
Thank you in advance for your understanding and I personally apologize for the confusion. If you have any concerns please feel free to address them to me directly.
Channel Business Development
In a separate phone call I received from MaxCDN, they explained the mistake in the same way as CBD (contradicting Kareem’s explanation). They also stated that they have terminated their relationship with CBD because they simply cannot have this sort of thing happening.
I appreciate the quick response of all companies involved. I look forward to remaining a MaxCDN customer with the way they decisively handled the issue at hand.