Remember how an unfinished financial release cost Google US$22 billion and the temporary suspension of the trading of its stock? Apparently the Taliban didn’t learn that lesson—their failure to blind carbon copy (BCC) a list of email addresses, which hides other email addresses that the message was also sent to from the recipient, making it look like a regular email, publicly revealed its entire mailing list. For an organization such as the Taliban, which is frequently linked to Islamic fundamentalism and whose leader, Mullah Mohammed Omar, hasn’t been seen for over a decade, this is an extremely fatal mistake, breaking the shroud of secrecy surrounding the organization, showing that even small mistakes in technology can result in drastic consequences.
Most of the Taliban’s emails, consisting of press releases claiming responsibility for attacks against Afghan and coalition troops, were sent from the email account of Qari Yousuf Ahmedi, an official Taliban spokesperson, but this specific email was retrieved from the email account of Zabihullah Mujahid, another Taliban spokesperson. Most of these emails, sent to a mailing list with 400 recipients, are sent mostly to journalists, but also include a provincial governor, academics, activists, and other groups that also participate in attacks against coalition forces.
“The Taliban have included all 4 of my email addresses on the leaked distribution list,” tweeted journalist Mustafa Kazemi, a prolific Kabul-based tweeter with more than 9,500 followers. “Quite reassuring to my safety.” In recent weeks, the Taliban have increased the number of emails they send out, growing from just a handful every week, to several per day. The increase coincides with the end of the annual Taliban fighting season, prompting one local journalist to joke, “I guess when fighting season ends, emailing season begins.”