Oblivious, the hapless staff member handed over files documenting payroll information belonging to current and former employees.
In this case, however, CEO of Code.org Hadi Partovi said in a blog post the information leak was caused not by a cyberattacker, but rather a coding failure which left volunteer email addresses open to the eyes of the Internet.
The executive said that the Code.org team found and fixed an "error" in the organisation's domain late Friday. The error allowed public access to a number of databases containing the email addresses of volunteers through standard Web browsers, and as a result, at least 10 volunteers received "job offers" from a recruitment firm in Singapore.
"This wasn't a case of hackers breaching our security systems, rather it was our mistake of leaving volunteer email addresses accessible via the web browser," Partovi says. "None of our servers were ever vulnerable, nor were our 10 million student/teacher accounts or passwords or other information ever vulnerable."
The recruitment firm in question which used the information leak to send these emails said they were sorry and would remove the email addresses from mailing lists. However, the unnamed company was quick to say its intention was simply to "get them more opportunities to improve their own Computer Science skills beyond the opportunities available in their geographical boundaries / location."
Code.org's CEO described the problem as both an "error" and "vulnerability," and does not know how widespread the problem may be. To prevent any further data leaks caused by the same problem, the team has secured the Web domain and double-checked their databases.
The CEO has apologised for the data leak, which in the grand scheme of things, is small and of relatively low risk in comparison to many of the data breaches we hear about every week.
However, the case does highlight just how far information can spread through the smallest of errors.