BT’s response and more threats
A BT moderator on the firm's PlusNet forums, reportedly wrote: "In answer to the question above about whether we sent out customer details in unencrypted files, I can confirm that this did happen. We are investigating how this occurred as we have robust systems for managing data. We have already ensured that this will not happen again.
"In this circumstance our legal department sent data to a firm of solicitors (ACS:Law) which reached them safely and we trusted that they would keep the data safe," he reportedly added.
A spokesperson for PlusNet, which is owned by BT, told the BBC that it had got in touch with all customers affected and was "working with them closely to protect them as much as possible from further exposure".
The firm has also reportedly promised to give them access to "an identity protection service including internet security software free of charge for the next 12 months".
PlusNet has vowed to take a tougher stance when approached for user data from now on.
The company spokesperson told the BBC: "Due to serious concerns about the integrity of the process that is being used by rights holders, we will resist efforts to share more customer details with rights holders and those acting on their behalf until we can be sure that alleged copyright infringements have some basis and customers are treated fairly."
The firm is also believed to have opened an internal investigation to make sure there is not a repeat of the incident and is cooperating with the Information Commissioner's Office.
Speaking to the BBC, Privacy International's Simon Davies said that BT has ‘comprehensively breached' the Data Protection Act and could even be in contempt of a high court order.
The order reportedly tells service providers handing over information to ACS:Law to make sure it is in an "electronic text format by way of Microsoft Excel file saved in an encrypted form to a compact disk, or any other digital media".
Meanwhile Sky, which also suffered a list of its customers being exposed as part of the ACS:LAW hack, has reportedly insisted it has only ever handed over data in a secure format.
According to ZDNet, hackers are getting ready to attack more anti-piracy bodies.
The Australian Federation Against Copyright Theft (Afact) has reportedly been hit and users of 4chan and Internet Relay Chat (IRC) are apparently nominating new victims for DDoS attacks as part of the ‘Operation Payback' campaign.
Apparently BitTorrent monitoring service NG3Sys made the list because of its decision to help ACS:Law go after Brits who had allegedly downloaded or shared copyrighted material.
