Educational Site Code.org Accidentally Showed Volunteers’ Data to Marketers

The nonprofit website that teaches inquisitive minds of all ages to code has acknowledged that there was a system bug that exposed helpers’ email addresses.

Code.org discovered and fixed the error on March 11.

The organization learned of the hole when some of its volunteers started receiving unsolicited emails offering jobs. Those offers were sent by “a technical recruiting firm in Singapore.”  Volunteers wondered how that firm had found their addresses.

The recruiting firm says it won't do it again and has promised to delete the email addresses harvested.

Code.org says it does not store email addresses for kids under 13, the target market for its Hour of Code lesson series.

“This wasn’t a case of hackers breaching our security systems,” writes Code.org CEO Hadi Partovi, “rather it was our mistake of leaving volunteer email addresses accessible via the web browser.”