Thousands of internet porn users have had their details leaked online in what an expert called one of the worst breaches of the Data Protection Act he had ever seen.
The list, produced by internet spies ACS:Law, contains the names and addresses of more 5,300 people alleged to be illegally sharing porn online.
The list of porn users was posted online after users of the message-board 4chan attacked ACS:Law’s site in retaliation for its anti-piracy strategy.
ACS:Law makes it money by writing to alleged net pirates, asking them to pay compensation or face court for copyright infringement.
UK consumer group Which? has received a number of complaints about ACS:Law but users of 4Chan took matters into their own hands and attacked the site, accessing the sensitive information about porn users.
Privacy campaigner Alexander Hanff said: “This is likely to result in significant harm to tens of thousands of people in the form of fraud, identity theft and severe emotional distress.
“This firm collected this information by spying on internet users and now it has placed thousands of innocent people at risk.”
The leaked list was unencrypted and contains details of thousands of broadband users who have allegedly shared porn. Some credit card details also appear in the list.
The UK’s Information Commissioner (ICO) told the BBC: “The question we will be asking is how secure was this information and how it was so easily accessed from outside.
“We’ll be asking about the adequacy of encryption, the firewall, the training of staff and why that information was so public facing.”
Internal emails from ACS:Law were also leaked, including those detailing how much money the firm has made through pursuing file-sharers and one in which Andrew Crossley, who runs the company, discusses buying a Ferrari.
Say no more.
Related:
Twitter porn worn caused by Australian teenager
Details of 100m Facebook users leaked: how and why
Words: Frankie Mullin