Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Advocacy group, Privacy International, has reported pirate hounding law firm ACS:Law to the UK's Information Commissioner's Office for security deficiencies that led to mass exposure of alleged file-sharers.
The email database of the controversial British anti-piracy firm was leaked on file-sharing website the Pirate Bay at the weekend.
The privacy advocates raised concerns over a single email, which it said contained the street addresses, names and IP addresses of 10,000 people alleged to have shared pornographic works.
"This data breach is likely to result in significant harm to tens of thousands of people in the form of fraud, identity theft and severe emotional distress," Alexander Hanff, a PI advisor, said.
"This firm collected this information by spying on internet users, and now it has placed thousands of innocent people at risk."
The leak allegedly occurred after ACS:Law posted a backup of its email database to its website, which it was restoring following a distributed denial of service attack launched by the so-called Anonymous group as retribution for its legal threats to file-sharers.
Privacy International said the breach was not caused by the DDoS attack but by ACS:Law's "poor" data protection procedures.
"Whereas the attack prevented the ACS:law web site from being accessed, there is no evidence to suggest that the web server was compromised; it would seem that this data breach was purely down to poor server administration and a lack of suitable data protection and security technologies," it said in a statement.
PI wanted ACS:Law to contact every person that was mentioned in the email to alert them to possible financial risks as a result of the breach.
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.