Paul Hastings accidentally sent an email to its UK training contract applicants which revealed all the candidates’ identities to each other.

Blundering staff made the mistake while attempting to notify applicants about another error affecting Paul Hastings’ 2021 trainee recruitment process. Due to a technical glitch the firm needed to extend the deadline for training contract applications to 2 August. 

Unfortunately, the email notifying candidates of the delay was sent out in an unconcealed email chain which revealed the names of all 386 recipients, and their email addresses and university addresses, to every other applicant.


Friendships ruined, lives destroyed.

A spokesman for Paul Hastings blamed an outsourcer. "An email was inadvertently sent by a third party service provider to our 2021 trainee contract applicants", he told RollOnFriday. "We have reached out to those applicants as we continue to look into the matter further".

The firm declined to confirm if it had reported itself to the Information Commissioner's Office for a breach of data regulations. 

The send button has proven to be one of humankind's greatest foes. Just last month it bested a Winkworth Sherwood partner, who failed to blind copy 600 contacts into an email introducing them to his new firm.

Update: An exposed student has said that those 386 recipients comprised candidates who had not yet completed their online applications. So, luckily for PH, more than 400 people probably applied for a training contract.

Tip Off ROF


Je Suis Monty Don l’Autobus 09 August 19 07:52

Hie has it come to this, that ROF’s idea of a news story is the kind of reply-to-all error that gets made hundreds of times a day? OMG! Some students can see one another’s email addresses! OMG!

Anonymous 09 August 19 09:14

Wannabe trainees - look for another firm - they are utterly ruthless.

Care factor 0 when it comes to looking after their staff.

Anonymous 09 August 19 09:59

This is a non-story. Why would the firm have to report itself to the ICO? There's no risk here to the students.

Seriously? 09 August 19 10:26

Clearly not many of you understand data protection law. This almost certainly does not need to be reported to the ICO.

Anonymous 14 August 19 08:56

U lot who declaimed data protection as non-law now banging on as if it makes any ****ing difference.

I stated 15-odd years ago how lucrative but unfulfilling the "law" was.  Earned me a right sh1t-load of money at the time although I felt like a fraud.

Now I see people are clamouring to get involved! lollerz.  I may be able to get a job when I move back to England after all if fools is what are demanded.  A sweet life in boring bank compliance would see me right to retirement.

Bored 14 August 19 21:20

Seriously, who cares?   This article is akin to the witch hunting hysteria in the modern age.  It appears to be open season on law firms.  So what?  An email was sent with others’ email addresses?   My god.   A few years ago this kind of thing would have been an admin error not worthy of comment.  

Anon 14 August 19 21:21

The headline is tabloid-esque 

“exposes students”. 

No, an honest admin mistake was made and emails were copied to others.  

Anonymous 15 August 19 15:17

Top tip: don't make it TOO obvious you're PR by defending a firm when no-one else would be arsed to.

Anon 15 August 19 22:23

To the above comment regarding law firm PR, I think this is evidence of the witch hunting remark in action.   Even alternative views suggesting that not all law firms deserve to be demonised for minor clerical errors gets dismissed as the law firm itself writing the comment.   I wrote it.  I’ve got nothing to do with the law firm.  

Related News