It seems that an attorney at Eli Lilly’s outside legal firm accidentally sent an email with confidential information over government settlement talks to a reporter at the New York Times. The Times reporter then started poking around, eventually breaking the story far before anyone was prepared.

Oops. Did I mention it was a $1B settlement?

Now before we get too excited, let’s keep in mind that even if Eli Lilly deployed DLP, it’s unlikely that their little outside law firm would. We also need to ask ourselves if any of their DLP policies would have prevented this type of leak, which will depend greatly on what was actually sent to the Times.

Perhaps we should start by disabling autocomplete in our email applications first. I wonder what percentage of email leaks are merely the result of that little feature?