What the he-l happened?
42 replies (most recent on top)
@bv Their Slack shows as deactivated.
@b1 how does everyone know these people were terminated and that it was done within an hour of the initial post?
@a8 Ethics won’t do anything. Read the policy. Just because you can access something doesn’t mean you should and you sure as he-l shouldn’t share it.
Thanks for the info, y’all. I was impacted and for obvious reasons it’s not fun reading that your information might have been leaked. Internal or external doesn’t matter. We don’t need to worry about this on top of everything else. Best wishes to anyone else impacted and Godspeed.
@aw The problem is, the information by itself is not classified that way. It is only when you put it together where that is the problem.
Someone could haave used those directions as you said to find out if their leader had been terminated, so what? That will not be part of target strategy. It seems the whole list itself is the problem IF i am reading your post correctly. In that case why shoot the messenger? and not the guy who made the list? The fired person only posted a name. IT was others who took the info to create the supposed confidential info.
@b3 it's not a distro list, it's an Active Directory role (USHQ-TeamList) that was assigned to all of the people in the US who got laid off. It was used to send layoff emails, but is likely also used to turn off access. There are services in go/ that let you do AD queries (go/ad, go/group, go/ldap) to search for people who have that role and compile lists of those affected. I'd suggest people not use those today.
@b2 I think it was the name of an Active Directory distro list in outlook who received the RIF email. I’d guess the firing of these TMs was due to sharing the distro list / full list of names (vs. accessing the distro list for internal curiosity, which would be much more cumbersome to look up I’d also guess)
What’s a AD group?
Another person termed for the ad group. Does anyone know what he did? I’m horrified I’m going to get fired because I saw the list.
@ay Agree with you. Besides, the list only contained names and department.
No other sensitive details (pay, severance etc). Firing is too extreme of a measure for their carelessness.
@ay Minnesota is an at will employment state, Target doesn’t need to provide a good reason, but the person who shared that information gave Target HR cause to terminate him, even if it isn’t a good one. There is no point in fighting the company you will always lose.
Slack is allowed for confidential data per security's own docs. Citing it is confidential is a bu1lsh!t reason for terminating someone.
there are multiple reasons not to name names, both for the benefit of the employer and the affected worker. anyone with a brain should know they were confidential. If I stumbled on my boss' salary, even due to incorrectly set privacy controls, I'm certainly not posting it in a big slack channel. I feel bad for the guy but it shows a lack in judgement.
@an Here is the policy Target would probably cite on why this is a fireable offense: a list of every TM across Target who was laid off likely falls under Confidential data classification, because it has giant ramifications on Target's strategy and operations. Also, the plan today was that affected teams would have a connect with their leader in the afternoon to go over changes. You could theoretically have used that AD group to find out that your leader was laid off before the official announcement.
I'm not sure there would have been big consequences if the backdoor way to access the list had been shared in a DM, but posting it in a public Slack channel with 3,500 people in it was definitely not respecting the relatively obvious Infosec classification of the information. It would be like posting a word doc that you found with a bunch of 16-digit numbers into #yelling without stopping to think that they might be credit card numbers.
@aq adding: I’m sorry that you were impacted. There are better days ahead.
@aq When you received the email you were added to a ad group in order to be sent that email. When you have the ad group you can see all the members in the group.
@aq in the #yelling Slack channel someone posted a way to access the list names of the people who were impacted. It wasn’t straight up names posted on Slack but a method to find it…I saw it but didn’t understand. :|
The post was quickly taken down and the original poster issued a word of warning but, literally, within an hour, they were terminated.
@aq An engineer (who had recently returned to Target) queried for a members of a distraction list from what I understand and then compiled it in Excel to determine who was laid off.
can someone please explain what this list was? I was impacted and I don’t understand what the list or excel file is. Was it a list of names who were laid off? Was it data about how the decision was made?
@an While it may have been laying around to access it is arguably in poor judgment to circulate that especially at this time.
I am confused. Why would he get fired for posting the ad group and how to access the list? Were the people who made excel documents and analysis on roles laid off also fired? Was he fired for sharing internal information on an external application? Anyone have any insight?
@aj It was a distro list that has been circulating. The guy in yelling posted the AD group and how to access the names.
Let this be a lesson: ANYTHING you do or say on ANY corporation's assets is company turf. I think a lot of the #yelling regular crew is insane for being so vocal about Target in a public channel while using a Target computer, even before this round of layoffs. It's awful opsec. They are always watching. Probably putting you on "unregretted attrition" lists where you get shorted on promotions, raises and eventually PIPed. Get the phone number of a coworker you like and TEXT them if you have organization-level discontent.
What is this list? Is it a distro, or was it a file?
@af I doubt it. But there is a chance they talk to anyone who saved screenshots or exports of the list, and if you shared it or moved it outside of Target's data ecosystem then yes there may be consequences. (none of this is insider info, just reasoning through the situation)
@af I looked at the list 😭😭
Are they going to fire us just for looking at the list?
Let this be a reminder that there’s no such thing as a “safe space” at work. Work is work. You will always be an employee. You’re purpose is always to increase shareholder value no matter what “culture” they tell you we have
@ac ad group?
Someone posted the data analysis they did on the list in the comment of that post and it was deleted first. Not sure if person who did the data analysis is okay. It seems they prioritized deleting the ad group before removing the post on what ad group it was (the post stating the ad group with a website to go to see the members of that ad group is the deleted post being mentioned).
I feel bad for the guy who posted that and got fired for it but it’s not an ethics violation to fire someone for sharing that list. Let’s all use our judgment here.
The distro wasn’t public. Someone obviously went rooting around for it and shared it.
People deserve their privacy.
@a9 Oh sh-t! Who is Eric? LOLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLLL
@a8 Hi Yan, this is Eric. We need to talk.
I believe it’s necessary to raise an ethics complaint. The individual in question accessed information that was openly available, and if the data was truly meant to be confidential, it was the responsibility of HR and the relevant teams to ensure it was properly protected. It is unjust to terminate someone for accessing information that was not restricted or marked as sensitive. The real issue lies in the organization’s failure to handle sensitive material appropriately, not in the employee’s actions.
I wasn’t able to look through the list before it was deleted. It was an excel document with a long list of names. Assuming the names of those impacted by layoffs.
@a4 no just way to access the group. Someone shared on layoff exact thing prior - https://www.thelayoff.com/post/@a6+1k8ntf5t9
@a4 I didn't see what he listed but I saw the aftermath.
The guy uploaded a list of names. He was deactivated shortly after
Scary