[obowersa]

Reading the article, what surprises me the most is that they had to search the mail in the first place.

For the information they were after, any relatively primitive mail tracking system would suffice. To be fair, even most outbound spam/virus scanners would log the level of info being looked for.

I can't help but feel as if it's a bit of an overreaction. A very targeted search was done on the mail headers to try and track down a leak. It seems fairly routine work. The lack of notification is a big issue (soon after the event) but even so.

To see the reaction you'd assume that the administrators were going through each persons mailbox reading every single mail.