I do not feel that there is any need to be alarmed
I am writing to inform you of an incident involving misuse of company data.
It has become clear recently that the Global Address List, containing contact information of everyone in Shell and some contractors, joint ventures and other third parties, has been downloaded without authorisation and distributed to some external parties. We do not know who did this. We are investigating and are raising this theft of information with the relevant data protection authorities. The incident is receiving some media coverage.
I do not feel that there is any need to be alarmed. However, as a precaution, if you receive any nuisance telephone calls or e-mails then please contact your line manager, HR or security.
Whilst writing about this incident, I would like to take the opportunity to remind us all of the requirements of the Code of Conduct relating to Information Management, including data privacy and communications.
Chief Ethics and Compliance Officer
COMMENT BY JOHN DONOVAN
I note an important inconsistency between what Richard Wiseman is saying to Shell employees compared with what he has said to me in email correspondence. Mr Wiseman claimed in an email that there is a risk to the personal safety not only to Shell employees but “considerable numbers of people not employed by Shell but who are employed by third parties”. Contrast this with his message to Shell employees published above. Mr Wiseman does not mention any personal risk to the safety of people listed in the directory. Instead, the worst potential consequent of the database leak is downplayed to the possibility of the listed people receiving nuisance phone calls. So who is Mr Wiseman attempting to mislead: me, or over 100,000 people in the Global Address List?