A law firm which gained notoriety in 2009 and 2010 for sending hundreds of letters to alleged illegal file sharers claiming they owed money for copyright infringement, has been fined by the Information Commissioner’s Office (ICO).
Andrew Crossley, owner of law firm ACS:Law, was hit with the fine following a data breach to the company’s website in September 2010. The site was successfully hacked and the personal details of approximately 6000 people were exposed. People’s names, addresses and credit card details were all obtainable following the hack.
An investigation by the ICO said it found seriously flaws in the firms security systems around it’s IT infrastructure. Christopher Graham speaking on behalf of the ICO said
“Sensitive personal details relating to thousands of people were made available for download to a worldwide audience and will have caused them embarrassment and considerable distress. The security measures ACS Law had in place were barely fit for purpose in a person’s home environment, let alone a business handling such sensitive details.”
The law firm ceased trading in February this year. This has meant the fine received by Crossley is a drop in the ocean compared to the £200,000 fine ACS:Law could have received, as he is now a sole trader, the ICO confirmed.
In January this year the firm dropped its cases against the alleged file sharers mainly due to their being a lack of evidence presented to the court, at the time Judge Birss criticising the firm calling the case ‘mind boggling’. Crossley himself released a statement through the court citing criminal attacks and bomb threats as reason for ACS:Law dropping the cases against the accused.