BCC Fail: Health Start-Up Thirsty Off to a Rough Start By Exposing Its 381 Beta Users’ Email Addresses

email is hard BCC Fail: Health Start Up Thirsty Off to a Rough Start By Exposing Its 381 Beta Users Email Addresses

It's true.

Thirsty, a Palo Alto-based start-up that is “revolutionizing healthcare with simplicity,” has not launched yet. But the start-up just blasted the 381 people who signed up via a Launchrock teaser splash page, and, oops, included everyone in the “CC” field so that their email addresses were visible to each other, and anyone the email was forwarded to (including Betabeat).

Considering general decorum dictates you stand a few feet behind the person in front of you at the pharmacy, you’d think a health start-up would be more careful about privacy–especially when asking for personal details from its users before they’ve even used the website.

The email promised to send invites to the app soon. But first, users need to answer a few question. “Before I send you guys invites I wanted to get your feedback on the following points,” writes co-founder Michael Abehsera, and posed the following probing questions:

1. What are some of the points you would like to improve most in your health?

2. What are the things you forget the most when it comes to improving your health.

3. If there is one feature you want us to build for you what would it be?

“ATTENTION – DO NOT USE REPLY TO ALL – sorry for the caps but privacy
is an important issue,” one Brooklyn techie replied to the list.

What’s up with that? Betabeat asked Mr. Abehsera via Twitter and email. “I know it’s a disaster and I really apologize,” he wrote back. “I have not slept last night and didn’t realize I put the emails in the to: field, I was sure it was in the BCC. Privacy is my number one concern and knowing which healthcare problems people are trying to solve, I am really not happy about this, again I apologize.”