Download the Tom's Hardware App from the App Store
The reference for current tech news
Yes No

Law Firm Facing Investigation After Details of 5,000 Broadband Users are Leaked to Pirate Bay

by - source: Tom's Hardware US

Yesterday it emerged that the personal details, including full names and home addresses, of more than 5,000 Sky broadband customers had been posted online. The BBC's Daniel Emery reports that this list was compiled by law firm ACS:Law and also contains details about pornographic content the broadband users are accused of pirating. The list appeared online after 4Chan took down ACS:Law's website as part of its recent "Operation Payback is a Bitch" DDoS attacks.

Earlier this month, 4Chan targeted several organizations dedicated to putting an end to piracy. Though ACS:Law was among those hit with DDoS attacks orchestrated by 4Chan users -- TorrentFreak reports that the London-based law firm has been making money working to identify filesharers and recoup settlement money for copyright holders -- the head of ACS:Law, Andrew Crossley, was unperturbed by the DDoS attack and had no qualms about telling that to the media.

"It was only down for a few hours," Crossley told the Register. "I have far more concern over the fact of my train turning up 10 minutes late or having to queue for a coffee than them wasting my time with this sort of rubbish."

4Chan didn't take kindly to the fact that Mr. Crossley was so unaffected by their attempts to cause him some distress and late last week, a leak was posted to the Pirate Bay containing 1,000 confidential ACS:Law e-mails, along with the unencrypted list of Sky broadband users. Mr. Cossley told the BBC his firm had been "subject to a criminal attack to its systems" and that he had informed the police.

While having your name and home address included on a list of pirates supposedly in the business of sharing pornography is bad enough, it's probably worse if you're not even pirating pornography to begin with. An August investigation by the BBC discovered that many people on the receiving end of settlement demands from ACS:Law claimed they were wrongly accused of filesharing by the firm,. What's more, a UK consumer Watchdog said they had received a number of complaints from people saying the same thing.

Daniel Emery writes that though Mr. Cossley refused to comment on the leaked internal emails, he did confirm that those on the list might not have pirated any content.

"All our evidence does is identify an internet connection that has been utilized to share copyright work," he told BBC. "In relation to the individual names, these are just the names and addresses of the account owner and we make no claims that they themselves were sharing the files," he explained.

Early this morning, the Information Commissioner confirmed that it was investigating the matter.

"The question we will be asking is how secure was this information and how it was so easily accessed from outside," said Christopher Graham. "We'll be asking about the adequacy of encryption, the firewall, the training of staff and why that information was so public facing."

Graham said that his position as ICO allows him to impose a fine of up to half a million pounds (just under $790,000) if a company is found to have breached the Data Protection Act.

Further Reading

Share:
9
Comments
Read more
X
Submit

Comments
Add your comment
dingmatt 29/09/2010 10:13
Hide
-2+

lol, Crossley's just learnt why its not a good idea to F*** off 4Chan, bet he wishes he'd kept his mouth shut.

Anonymous 29/09/2010 11:15
Hide
-1+

Kind of funny that he now attempts to play down the data he earlier used to threaten people with lawsuits. Apparently if the people receiving the threats replied with what he said, the threat would have gone away.

chronicbint 29/09/2010 11:54
Hide
-2+

Hopefully the Information Commissioner fines these scummy lawyers. :)

potatolord 29/09/2010 13:34
Hide
-0+

Someone hacked into their systems and leaked that information onto the internet. So the 4chan hackers have effectively publicly named all those people alleged to have been sharing? Information on that was privately held by ACS Law?

I wouldn't be too pleased with 4chan if I were on that list.

dillyflump 29/09/2010 14:19
Hide
--1+

The email system was wide open apparently, ACS Law is more or less screwed because the emailed lists sent from ISP's Sky & PlusNET were not encryted or password protected in anyway and just sitting in ACS Laws inbox. Sky, PlusNET & BT Broadband service have suspended any relations they had with ACS Law and will no longer be prividing them with user details even if ACS Law provide a court order requesting disclosure. ACS Law is just scaremongering people charging upto £700 per supposed download of an MP3 file based solely on IP address's of torrents from public bittorrent trackers. People scared by this approach have paid up, many others have simply ignored the demands of ACS Law and no one has been taken to court by ACS Law over supposed copyright infringement. This so called Law firm are nothing more than a bunch of crooks operating on the dubias edges of UK Law. Every successful payment they recieve from scared internet users in the UK ACS Law keeps 52% of any monies payed.
So you tell me who are the crooks here, IP address monitoring on its own is not sole proof someone has acted illegally. IPs can be spoofed easily or someone could of gained access to your home router or even your PC could be infected with Virii. Anyone getting one of these letters needs to tell ACs Law to go get bent.

Skid 29/09/2010 14:25
Hide
-1+

They didn't hack into the system, some idiot left the backup file on the base directory of there web site. So it was public, read here:
http://torrentfreak.com/acslaw-ant [...] ls-100925/

Rab1d-BDGR 29/09/2010 19:25
Hide
--1+

Just to clarify - 4Chan didn't do anything here - they were taking down any "raid" threads related to this (probably because the mods didn't want to piss off a law firm). "Anonymous" - the users of various *chan websites started it and once it hit the news a lot of others decided to join in. I can understand the BBC not understanding the distinction but I'm surprised at how many tech sites are saying 4chan did this and 4chan did that.

The scam has been well known since Davenport Lyons did a similar protection racket and it made the news but hopefully this will draw more public attention to this corrupt practice. At the very least this should stop crappy ISPs like BT and Sky from caving in to the demands of these scumbags. The BT tech support forum is buzzing with this at the moment - the admins are trying to hide behind the "we have to comply with court orders" BS. Obviously, once a court order is made they have to do what it says. However, when the Andrew Crossley Maffia tried to do this with Talk Talk and other decent ISPs, those ISPs said they would fight in court to protect the privacy of their customers. At this point Crossley (ACS:Law's one and only solicitor) backed down like a frightened pussycat. In fact, they have never prosecuted anyone who stood up to them - kind of reminds me of playground bullies.

If I were one of those whose details were exposed then I would blame ACS:law and my ISP far more than whichever random "hacker" decided to put it all on p2p. Fortunately, someone has already sifted though the emails and a second torrent has been released over p2p which contains only the incriminating emails to and from ACS but not the personal details of innocent broadband customers. Of course, it is a bit late for that now...

Today I learned:
1) Be careful in choosing your ISP
2) Don't give in to protection scams
3) Don't piss off "Anonymous"

p75 29/09/2010 23:22
Hide
--1+

It's all been uploaded to pirate bay. See here.
http://thepiratebay.org/search/acs:law/0/99/0

I have even see the files myself.

Submit my comment

See more

Best offers

Latest news

Miscellaneous Previous news

Newsletters


OK
Partners