The tweets below are typical reactions to the situation.
Well, crap, @Coil! You just managed to expose every single user's email address in one email where you used the TO: field, amounting to a comprehensive data breach.
This is a cataclysmic privacy and security mistake. I can't trust you with my info, and have deleted my account.
— Jason C. McDonald (@codemouse92) November 17, 2020
Hey @Coil, thanks for sending me a marketing email with 999 other people's emails in the "to" field. It's super cool that all of us now have each other's email address and know that we all have a Coil account.
— Jordan Kicklighter (@jwkicklighter) November 17, 2020