Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Adult video-sharing list leaked from law firm
09-28-2010, 08:41 AM,
#1
Adult video-sharing list leaked from law firm
By Daniel Emery
Technology reporter, BBC News
27 September 2010 Last updated at 18:08

The personal details of thousands of Sky broadband customers have been leaked on to the internet, alongside a list of pornographic movies they are alleged to have shared online.

The list, seen by BBC News, details the full names and addresses of over 5,300 people thought by law firm ACS:Law to be illegally sharing adult films.

It appeared online following an attack on the ACS:Law website.

The UK's Information Commissioner said it would investigate the leak.

Privacy expert Simon Davis has called it "one of the worst breaches" of the Data Protection Act he had ever seen.

Data breach

The documents appeared online after users of the message-board 4chan attacked ACS:Law's site in retaliation for its anti-piracy efforts.

The firm has made a business out of sending thousands of letters to alleged net pirates, asking them to pay compensation of about £500 per infringement or face court.

It uses third-party firms to scour the net looking for possible infringements of music and film copyright.

Armed with IP (internet protocol) addresses - which can identify the internet connection used in any copyright infringement - its lawyers can then apply for a court order to get the physical address of the PC from the service provider whose network has allegedly been used for the file-sharing.

A BBC investigation in August found a number of people saying they were wrongly accused by ACS:Law of illegal file-sharing. UK consumer group Which? says it has also received a number of complaints. Many contest that IP addresses can be spoofed.

ACS:Law is under investigation by the Solicitors Regulation Authority over its role in sending letters to alleged pirates.

The leak contains around 1,000 confidential e-mails, along with the list, which was an attachment on one of the messages.

The collection was then uploaded to file sharing website, The Pirate Bay, where it is being shared by hundreds of users.

The confidential e-mails include personal correspondence between Andrew Crossley - who runs ACS:Law - and work colleagues, as well as lists of potential file-sharers and information on how much the firm has made through its anti-file-sharing activities.

While some of the e-mails, detailing the internal workings of the company, may prove embarrassing, the leaking of an unencrypted document - that lists the personal details of more than 5,300 BSkyB Broadband subscribers alongside a list of adult videos they may have downloaded and shared online - could be a breach of the Data Protection Act.

Speaking to BBC News, Mr Crossley said there were "legal issues" surrounding the leak.

"We were the subject of a criminal attack to our systems. The business has and remains intact and is continuing to trade," he added.

Mr Crossley said he would not comment directly on the contents of individual e-mails.

"All our evidence does is identify an internet connection that has been utilised to share copyright work," he told BBC News when pressed about the BSkyB database.

"In relation to the individual names, these are just the names and addresses of the account owner and we make no claims that they themselves were sharing the files," he added.

Mr Crossley said he had no further comment when asked why the Excel document was unencrypted, but said he had notified the police, the ICO and was in communication with the SRA.

A spokesperson for Sky told BBC News that they were "very concerned at the apparent security breach involving data held by ACS:Law".

"At this stage of our investigation, we believe that the data included the names and addresses of around 4,000 Sky Broadband customers," they said.

"Like other broadband providers, Sky can be required by Court Order to disclose information about customers whose accounts are alleged to have been used for illegal downloading. We only ever provide such data in encrypted form."
Direct action

Simon Davis, from the watchdog Privacy International, said he would be asking the Information Commissioner to "conduct a full investigation" and hoped it would be "a test case of the Information Commissioner's new powers".

"You rarely find an aspect where almost every aspect of the Data Protection Act (DPA) has been breached, but this is one of them," said Mr Davies.

"It fits perfectly for the term 'egregious misuse' of personal data," he added.

A spokesperson for the Information Commissioners Office (ICO) told BBC News that it "takes all breaches of the DPA very seriously".

"Any organisation processing personal data must ensure that it is kept safe and secure.

"The ICO will be contacting ACS:Law to establish further facts of the case and to identify what action, if any, needs to be taken."

BSkyB is yet to make an official statement on the matter, but said it was investigating the breach.

The attack on ACS:Law is the latest in a number of high-profile attacks by piracy activists.

Last week, hackers temporarily knocked out the websites of the Motion Picture Association of America (MPAA) and the Recording Industry Association of America (RIAA).

The attacks were declared on notorious message-board 4chan and were reportedly in retaliation for anti-piracy efforts against file-sharing websites.

Users of 4chan are renowned for online activism and direct action. "Operation Payback", as it was known, was reportedly revenge for the MPAA and RIAA's action against The Pirate Bay.

The group has declared it will continue to target other sites involved in anti online piracy activity.

http://www.bbc.co.uk/news/technology-11418962
“Everything Popular Is Wrong” - Oscar Wilde
Reply
09-28-2010, 07:03 PM,
#2
RE: Adult video-sharing list leaked from law firm
very lucrative list if you think about it.

Who cares if they were sharing porn!! they were watching it!! thats enough to scare alot of guys to hand over £500 hush money.
Reply
09-28-2010, 07:33 PM,
#3
RE: Adult video-sharing list leaked from law firm
Fresh ACS:Law file-sharing lists expose thousands more

Quote:The personal details of a further 8,000 people alleged to have shared music or films illegally have appeared online.

A list of more than 8,000 Sky broadband subscribers and a second of 400 PlusNet users surfaced following a security breach of legal firm ACS:Law.

It comes after a database of more than 5,000 people suspected of downloading adult films emerged on Monday.

The UK's Information Commissioner said ACS:Law could be fined up to half a million pounds for the breaches.

The two new lists, produced by ACS:Law, contain the names, addresses and Internet addresses (IP addresses) of users suspected of illegally sharing music.

In addition, they contain details of how much compensation infringers paid ACS:Law, along with internal case notes.

The BBC has also seen e-mails which contain credit card details of people who have paid the firm compensation. Others contain responses from people claiming their innocence.

One user whose name appeared on the list said he was "very angry" about the leak and believes "ACS should be shut down immediately, and that everyone on the list should be compensated".

He told BBC News that he was innocent of illegal file-sharing and had refused to pay the money demanded by ACS:Law.

The UK's Information Commissioner (ICO), speaking after the initial leak, told the BBC that ACS:Law had a number of questions to answer.

"The question we will be asking is how secure was this information and how it was so easily accessed from outside," said Christopher Graham.

"We'll be asking about the adequacy of encryption, the firewall, the training of staff and why that information was so public facing.

"The Information Commissioner has significant power to take action and I can levy fine of up to half a million pounds on companies that flout the [Data Protection Act]," he added.

Privacy expert Simon Davies called the leaks "one of the worst breaches" of the Data Protection Act (DPA) he had ever seen.

Data breach

The documents appeared online after users of the notorious message board 4chan attacked ACS:Law's site in retaliation for its anti-piracy efforts, as part of what its users called Operation Payback.

ACS:Law has made a business out of sending thousands of letters to alleged net pirates, asking them to pay compensation of about £500 per infringement or face court.

A BBC investigation in August found a number of people who said they were wrongly accused by ACS:Law of illegal file-sharing. The firm is under investigation by the Solicitors Regulation Authority (SRA) over its role in sending letters to alleged pirates.

The leaks consisted of about 1,000 confidential e-mails and attachments. It is thought documents may have also been acquired from the company's servers.

The collection was then uploaded to file sharing website The Pirate Bay, where it is being shared by hundreds of users.

The confidential messages include personal correspondence between Andrew Crossley - who runs ACS:Law - and work colleagues detailing a number of cases and how much money the firm had made from the letters.

Campaigners, who have long accused the firm of bullying tactics, have seized on the e-mails.

Speaking to BBC News, Mr Crossley said there were "legal issues" surrounding the leak.

"We were the subject of a criminal attack to our systems. The business has and remains intact and is continuing to trade," he added.

Mr Crossley said he would not comment directly on the contents of individual e-mails.

"All our evidence does is identify an internet connection that has been utilised to share copyright work," he told BBC News when pressed about the lists of personal data.

"In relation to the individual names, these are just the names and addresses of the account owner and we make no claims that they themselves were sharing the files," he added.

Mr Crossley said he had no further comment when asked why the Excel documents was unencrypted, but said he had notified the police, the ICO and was in communication with the SRA.

A spokesperson for Sky told BBC News that they were investigating the new leaks and said they were "very concerned at the apparent security breach".

"Like other broadband providers, Sky can be required by court order to disclose information about customers whose accounts are alleged to have been used for illegal downloading. We only ever provide such data in encrypted form."

Sky said they have "suspended all co-operation with ACS:Law with immediate effect" and that the suspension would "remain in place until ACS:Law demonstrates adequate measures to protect the security of personal information".

Mr Graham told BBC News that while he did not have the power to put ACS:Law "out of business" a large fine could have serious repercussions for the firm.

"I can't put ACS:Law out of business, but a company that is hit by a fine of up to half a million pounds suffers real reputation damage," he said.

http://www.bbc.co.uk/news/technology-11425789
The revolution is not an apple that falls when it is ripe. You have to make it fall. - Che Guevara

Resistance Films Youtube Channel

TriWooOx Podcast
Reply


Possibly Related Threads...
Thread Author Replies Views Last Post
  Feds Shut Down File-Sharing Website Megaupload TriWooOx 3 1,292 09-24-2012, 08:20 PM
Last Post: h3rm35
Video VIDEO: The Special Forces Raid on Kim Dotcom's Mansion drummer 1 815 08-10-2012, 12:33 AM
Last Post: h3rm35
  Firm stops pursuing net pirates TriWooOx 1 1,266 02-05-2011, 01:42 PM
Last Post: pax681
  ACS:Law loses illegal file-sharing cases TriWooOx 2 1,272 12-13-2010, 03:28 PM
Last Post: rsol
  LimeWire file-sharing site shut down in US TriWooOx 3 1,571 10-28-2010, 05:54 PM
Last Post: Deathaniel

Forum Jump:


Users browsing this thread: 1 Guest(s)