Privacy International Plans To Sue ACS:Law For Mishandling Information On Those It Threatened
from the oops dept
A bit more fallout from the ACS:Law email leak. In the comments on our last post, cc pointed out that one of the discoveries in the leaks is that ACS:Law did not properly protect the private information of those who paid up after receiving a pre-settlement threat letter. In fact, the email leaks apparently revealed over 10k names, addresses and credit card details in some cases. Because of this, Privacy International is planning to file a lawsuit against the company, for not living up to EU privacy regulations on such information. PI is claiming that the company violated data protection laws by allowing sensitive information to be stored on a public-facing server, and not taking the "appropriate technical and organisational measures" to protect the data.