Civil rights organisation Privacy International is planning to take legal action against a law firm that has accidentally leaked personal details of thousands of Brits online.

Privacy International has highlighted the massive security breach which involved the leaking of personal information of thousands of P2P users.

The data was obtained by ACS: Law, in order to track P2P users illegally sharing copyrighted pornographic films.

Data leak

ACS: Law was attempting to put its site back online following a denial of service (DoS) attack, which is apparently when the data leak occurred.

Privacy International claims that one email contains the personal information of 10,000 people that were apparently involved in P2P smut sharing – with names, addresses, postcodes and IP addresses included in the data.

"This data breach is likely to result in significant harm to tens of thousands of people in the form of fraud, identity theft and severe emotional distress," said Privacy International spokesman Alexander Hanff.

"It would seem that this data breach was purely down to poor server administration and a lack of suitable data protection and security technologies."

The Information Commissioner's Office told PC Pro: "The ICO takes all breaches of the Data Protection Act very seriously and any organisation processing personal data must ensure that it is kept safe and secure.

"The ICO will be contacting ACS: Law to establish further facts of the case and to identify what action, if any, needs to be taken."

This isn't the first time ACS: Law has been in the news. It is the same law firm which sent out thousands of letters to alleged pirates asking for an out-of-court settlement fee over illegal downloads.

Via PC Pro