Operation Payback is a Bitch
September 28, 2010 6:46 AM   Subscribe

Thousands of broadband customers in the UK have had their personal details uploaded to web, complete with the names of pornographic movies they are alleged to have downloaded.

The details were made available by ACS:Law, a notorious British law firm that specialises in sending thousands of letters to alleged file-shares asking them to pay a fine of £500.

Following a prolonged DDoS attack by 4chan earlier in the week, an unencrypted 350 megabyte site-backup was uploaded to the front page of ACS:Law's website. The file contained an extensive email archive, revealing the details of thousands of Sky broadband customers, as well as financial details and personal correspondence of ACS:Law owner Andrew Crossley.

Privacy watchdogs are now examining the possibility of legal action. The UK's Information Commissioner has the power to levy a maximum fine of £500,000.

If you think you may be on the list, you can search some of the database using a UK postcode.
posted by afx237vi (70 comments total) 6 users marked this as a favorite
 
Phew
posted by vbfg at 6:47 AM on September 28, 2010 [7 favorites]


I hope this encourages everyone to fly their freak flag in public now. That would be distracting and messy, sure, but we'd probably be too busy to wage wars then, so WIN WIN.
posted by nomadicink at 6:48 AM on September 28, 2010 [3 favorites]


Fuck I hate bottom feeders like these. I hope they get nailed to the wall
posted by the noob at 6:56 AM on September 28, 2010


Phew

Indeed.
posted by Optamystic at 6:57 AM on September 28, 2010


PARTY BABES, PARTY BABES, PARTY BABES, PARTY BABES, PARTY BABES, PARTY BABES, PARTY BABES, PARTY BABES, PARTY BABES, PARTY BABES

I LOVE SILVIA SAINT

SECRET GARDEN SEX, SECRET GARDEN SEX, SECRET GARDEN SEX, SECRET GARDEN SEX, SECRET GARDEN SEX, SECRET GARDEN SEX, SECRET GARDEN SEX, SECRET GARDEN SEX, SECRET GARDEN SEX, SECRET GARDEN SEX

I think I just found out how Andrew WK comes up with his song lyrics.
posted by dudekiller at 6:59 AM on September 28, 2010 [22 favorites]


Look at that! My mum and I have the same tastes!
posted by mreleganza at 6:59 AM on September 28, 2010 [4 favorites]


Latino Spunk Gobblers was nowhere near as good as the book.
posted by Mister_A at 6:59 AM on September 28, 2010 [14 favorites]


I am stunned that people pirate porn.

All you have to do is use IE and it pops up everywhere for free!
posted by srboisvert at 7:03 AM on September 28, 2010 [9 favorites]


Latino Spunk Gobblers was nowhere near as good as the book.


Agreed. Script problems from day one. I despair to think of how the prequels will turn out. Probably full of CGI nonsense.
posted by modernnomad at 7:06 AM on September 28, 2010 [5 favorites]


OMG, assploitations 2 is out already?!
posted by nomadicink at 7:07 AM on September 28, 2010 [1 favorite]


FULL FRONTAL CORTEX

Fess up UK MeFites.
posted by ryoshu at 7:09 AM on September 28, 2010 [5 favorites]


It was avoiding such pubic embarrassment that lead me to join Spunk Gobblers Anonymous.
posted by Abiezer at 7:09 AM on September 28, 2010 [3 favorites]


FREDDIE'S BRITISH GRANNY FUCK 1

I hate the future.
posted by robocop is bleeding at 7:09 AM on September 28, 2010 [6 favorites]


BIG BOOBS POWER

I'm trying to imagine what Big Boobs Power might actually be. Is it carbon neutral?
posted by the noob at 7:09 AM on September 28, 2010


Were they actually sending out letters for porn? That seems almost like blackmail. Instead of "Pay us or we'll sue you for pirating Iron Man 2" It's "Pay us or we'll take you to court and everyone will know you were downloading Latino Spunk Gobblers"
posted by delmoi at 7:10 AM on September 28, 2010 [3 favorites]


I'm noticing a fair few Private titles in there. don't ask

Were they ACS:Law's client?

posted by garius at 7:10 AM on September 28, 2010


Why are they only keeping track of the porn these people are downloading? Is it a blackmail thing?

on preview: damnit delmoi.
posted by thsmchnekllsfascists at 7:12 AM on September 28, 2010


Get your freak on,
Get'cha, get'cha, get'cha, get'cha, get'cha freak on
posted by bwg at 7:12 AM on September 28, 2010


OMG, assploitations 2 is out already?!

This reminded me to check on A Dance with Dragons. Still not done.
posted by a robot made out of meat at 7:14 AM on September 28, 2010 [4 favorites]


I thank everyone for their interest in my porn habits, and should you find yourself of a similar bent, you know where to get a hold of me.
posted by Capt. Renault at 7:16 AM on September 28, 2010 [2 favorites]


Has Meatafilter been on anyone's list?
posted by lobstah at 7:16 AM on September 28, 2010


...and not a single download of Happy Scrappy Hero Pup.
posted by griphus at 7:17 AM on September 28, 2010 [15 favorites]


I wouldn't watch UK STUDENT HOUSE 3 if you paid me. That can only possibly sound hot to people who haven't been near students for the last twenty years.
posted by shinybaum at 7:21 AM on September 28, 2010 [3 favorites]


Seems like these files could be the basis of a wonderful dating service.
posted by jenkinsEar at 7:23 AM on September 28, 2010


The Data Protection Act is a serious thing in the UK. The Information Commissioner (the independent government-authorised authority who oversees breaches of the act) has the authority to levy up to £50,000 now - and by all accounts, he's going to be asking awkward questions:

"The question we will be asking is how secure was this information and how it was so easily accessed from outside," said Christopher Graham (the IC)

"We'll be asking about the adequacy of encryption, the firewall, the training of staff and why that information was so public facing.

"The Information Commissioner has significant power to take action and I can levy fine of up to half a million pounds on companies that flout the [Data Protection Act]," he added."

The ICO takes all breaches of the Data Protection Act (DPA) very seriously. Any organisation processing personal data must ensure that it is kept safe and secure.

"This is an important principle of the Act. The ICO will be contacting ACS:Law to establish further facts of the case and to identify what action, if any, needs to be taken.”


Read more: http://www.computeractive.co.uk/computeractive/news/2270466/privacy-international-launching#ixzz10pkVM6ox
Software, gadgets, magazines and more in our webstore. Click here to see our latest offers.

These clowns uploaded an unencrypted backup archive to an unpassworded folder on the website (in what appears to be a ham-fisted attempt to resurrect the site after it got DDoS'd), complete with emails where they're passing around unencrypted lists of personal information.

The head of ACS:Law says:

"We were the subject of a criminal attack to our systems. The business has and remains intact and is continuing to trade," he added.

Well, yeah. And your people put an unencrypted dump of your email on an open website, where anyone can download it at will, and you're passing around gobs of private personal data via open EMAIL.

As if ACS:Law didn't have enough problems with being investigated by the solicitors regulation authority;

In August 2010, the Solicitors Regulation Authority ruled that ACS:Law had "a case to answer" regarding its campaign against file sharers, and set up a Solicitors Disciplinary Tribunal. It is the third disciplinary tribunal for Andrew Crossley, the head solicitor at the firm. It is expected that the tribunal will make its judgement by the end of 2011. The tribunal has the power to fine, reprimand or strike off solicitors.

Basically, ACS:Law are spontaneously searching for infringement on copyrighted works, often without the knowledge of the copyright holder. They get the IP, do a civil order for discovery against the ISP to hand over the subscriber details, without the subscriber's knowledge, then send a nastygram to the registered address threatening a lawsuit if they don't cough up £500 or so. that there's no evidence linking the account holder to the alleged infringement; or that in fact they've even got the right IP address; or that that IP address was actually infringing; doesn't matter in the slightest. Crossley has as much as admitted the whole point is to make a business model out of threatening people virtually at random, and a certain percentage will pay up just to make it go away (middle class parents with kids, the elderly etc). I believe they then contact the copyright holder, and offer them a cut of the proceeds...

Regardless of your stance on copyright, ACS:Law, and Crossley particularly, is a nasty piece of work basically committing legalised extortion. The bigger the slap he gets for this data breach, and his predatory business practices, the better.
posted by ArkhanJG at 7:26 AM on September 28, 2010 [29 favorites]


But of course we all know the lawyers prosecuting the cases have their own stashes. As do the judges, and the politicians, and the industry lobbyists, and the priests. The human capacity for hypocrisy never fails to sadden me.
posted by jet_manifesto at 7:27 AM on September 28, 2010


Whoops. Sorry for the cut-n-paste link spam in there. Any mods, you're welcome to strip it out...
posted by ArkhanJG at 7:27 AM on September 28, 2010


Whoops. Sorry for the cut-n-paste link spam in there. Any mods, you're welcome to strip it out

Usually that's caused by something called tynt which you can block in a number of ways. I added a custom rule to adblock, for example.
posted by delmoi at 7:32 AM on September 28, 2010


I wouldn't be too embarrassed to be caught watching Party Babes, for example. Those babes sound like they know how to have a good time.
posted by 2bucksplus at 7:32 AM on September 28, 2010


Mod note: few comments removed - folks - please don't cut/paste people's postal codes and names here, thewy're a lot more granular in the UK than in the US, thanks.
posted by jessamyn (staff) at 7:36 AM on September 28, 2010 [4 favorites]


I'm trying to imagine what Big Boobs Power might actually be.

It's my favorite Clapton live track!

Oh, wait, I thought you said "Blues Power." Never mind...
posted by wenestvedt at 7:36 AM on September 28, 2010


FREDDIE'S BRITISH GRANNY FUCK 1

Seems like schlocky newspaper headlines and schlocky porn titles follow the same syntactic conventions. COPS NAB BRITISH GRANNY FUCK PERP! BIG BOOBS POWER ATTACK THREAT!
posted by nebulawindphone at 7:39 AM on September 28, 2010


Elaborating on what Jessamyn said, I once lived in a building that had its own postcode. This was not particularly uncommon, and UK postcodes generally don't cover much more than a block or two.

In my case, it would have been possible to have mailed a letter to myself with nothing more than the postcode on the envelope. In most cases, it's possible to write a name and a postcode on an envelope, and have a reasonable hope that the letter will be delivered successfully.

They're a lot more granular than postcodes in other countries.
posted by schmod at 7:41 AM on September 28, 2010


I'm trying to imagine what Big Boobs Power might actually be.

Austin's rather tall sister.
posted by ROU_Xenophobe at 7:43 AM on September 28, 2010 [8 favorites]


ArkhanJG : Crossley has as much as admitted the whole point is to make a business model out of threatening people virtually at random, and a certain percentage will pay up just to make it go away (middle class parents with kids, the elderly etc).

So this asshole is a living breathing example of the cure being worse than the sickness, huh? I'd wonder how people like this can sleep at night, but I'm pretty sure it's on big piles of money, and I don't need that kind of anger in me today.
posted by quin at 7:47 AM on September 28, 2010


I lived in the UK for six months twenty years ago. I can't believe that I still remember my old postcode (no one there downloaded porn, sadly). Also, coming from the US and a postman who would occasionally decide that he didn't feel like delivering the mail (we still loved him though), the UK postal system was a huge revelation.
posted by sciencegeek at 7:50 AM on September 28, 2010


- Email evidence that ACS:Law deliberately does not target two UK ISPs, TalkTalk and Virgin Media

Why are they deliberately not doing Virgin and TalkTalk? what reason could there be for this?
posted by shinybaum at 7:50 AM on September 28, 2010


It strikes me that these lists could be seen as a unique resource for sociologists: a sort of involuntary survey on people's pornography preferences and habits. This sort of thing is notoriously hard to poll in ordinary circumstances, what with all that pesky shame we drag around with us. I admit the statistics are skewed in various ways - you can't know whether the person named actually downloaded the items in question, making it hard to judge gender distribution, for example. But for the first time we have empirical evidence to back up the assertion that almost everybody likes Party Girls.
posted by jrengreen at 7:50 AM on September 28, 2010


"It's time we got a better web designer," said Andrew crossley.
posted by Joe in Australia at 7:54 AM on September 28, 2010 [2 favorites]


It strikes me that these lists could be seen as a unique resource for sociologists: a sort of involuntary survey on people's pornography preferences and habits.

This is a good idea, but this list is of those files shared. It doesn't factor in what people watch online for free or what they pay for.
posted by Sticherbeast at 7:57 AM on September 28, 2010


Why are they deliberately not doing Virgin and TalkTalk? what reason could there be for this?

I guess because the TalkTalk boss basically told the Digital Economy Bill to fuck off:
* Unless we are served with a court order we will never surrender a customer’s details to rightsholders. We are the only major ISP to have taken this stance and we will maintain it.
* If we are instructed to disconnect an account due to alleged copyright infringement we will refuse to do so and tell the rightsholders we’ll see them in court.


Dunno about Virgin but maybe they took a similar stance.
posted by EndsOfInvention at 8:12 AM on September 28, 2010 [2 favorites]


This is a good idea, but this list is of those files shared. It doesn't factor in what people watch online for free or what they pay for.

These are the sorts of issues that no doubt are setting some excitable grad student's mind ablaze at this very moment.
posted by jrengreen at 8:15 AM on September 28, 2010


Well thank goodness I'm with Virgin then, now my secret porn watching habits are still between me, Lex Luthor, and whoever is supplying the donkey.
posted by shinybaum at 8:20 AM on September 28, 2010


Why are they deliberately not doing Virgin and TalkTalk?

I'm pretty sure you'll find Doing Virgin and TalkTalk somewhere on that list of titles.

Right between Freddie Uses His 12 Inch Truncheon of Supreme Love To Drill His Best Friend's Big Boobed Asian Granny and Nurses, eh? Who Knew They Were Such Dirty Slags?
posted by MuffinMan at 8:22 AM on September 28, 2010


I'm trying to imagine what Big Boobs Power might actually be.

Download it and find out
posted by fire&wings at 8:33 AM on September 28, 2010


Wait, what? There's pornography in Britain?

Well, all right then.


posted by mmrtnt at 8:35 AM on September 28, 2010


Wait, what? There's pornography in Britain?

Yes, yes there is.
posted by ryoshu at 8:44 AM on September 28, 2010


So this fine will be per infringement, right? Because, you know, sauce for the goose.
posted by TheWhiteSkull at 8:44 AM on September 28, 2010 [1 favorite]




4chan poster for the attack via torrentfreak article.

Fascinating story.
posted by armisme at 8:51 AM on September 28, 2010 [1 favorite]


...sauce for the goose.

I saw that one.

(But I downloaded it legally, I swear!)
posted by mmrtnt at 8:51 AM on September 28, 2010


Latino Spunk Gobblers was nowhere near as good as the book.

Just wait for the sequel--Latino Spunk Gobblers 2: Electric Penis Goo.
(Alternately, Latino Spunk Gobblers 2: The Dickening.)
posted by Mr. Bad Example at 8:59 AM on September 28, 2010 [2 favorites]


Ha! One of my old neighbours likes BRITISH UNDERWEAR PARTY.

Bit dissapointed that none of the d/lers with post codes ending in BJ downloaded any blow job films.
posted by i_cola at 9:19 AM on September 28, 2010


The postcode search is down
Google appear to have blacklisted the API keys which I use to perform postcode searches.
As a consequence, this site no longer works. It probably won't be coming back.


My main finding was that where I live about 2/5ths of the alleged downloaders were women, in the right-wing, conservative, small town area I grew up in less than a third were, in my old student neighbourhood more than half were.

Obv. this may reflect whether women are responsible for broadband subscriptions, rather than whether they're downloading porn, but the demographic differences were fairly stark, if not massively informative.
posted by AFII at 9:20 AM on September 28, 2010 [1 favorite]


Agreed. Script problems from day one. I despair to think of how the prequels will turn out. Probably full of CGI nonsense.

I'm just worried about directors that pervert the original story in the re-release.

Juan shot first!
posted by sebastienbailard at 9:31 AM on September 28, 2010


The postcode search is down

If you d/l the gzipped SQL dump of latitude/longitude data & open it with BBEdit or somesuch you'll be able to read the database quite easily. (Pretty colours in BBE.)
posted by i_cola at 9:32 AM on September 28, 2010


I hate the future.

I hate the past and present, too.
posted by infinitywaltz at 9:46 AM on September 28, 2010


Ha! One of my old neighbours likes BRITISH UNDERWEAR PARTY

Hell, I'd vote for them. Ugly, but practical and probably from M&S.

(Not S&M.)
posted by Grangousier at 10:01 AM on September 28, 2010


Panther Moderns take down asshole lawyer.
posted by codacorolla at 10:02 AM on September 28, 2010


Ha! One of my old neighbours likes BRITISH UNDERWEAR PARTY.

posted by i_cola at 5:19 PM on September 28


Hell, who doesn't?

Oh God. I've said too much.
posted by Decani at 10:31 AM on September 28, 2010


I wouldn't watch UK STUDENT HOUSE 3 if you paid me. That can only possibly sound hot to people who haven't been near students for the last twenty years.

I believe you'll find The Young Ones premiered 28 years ago.
posted by Diablevert at 10:50 AM on September 28, 2010 [2 favorites]


Does anyone know if it's possible for a website to protect itself, so further DDos attacks would not succeed ?

If so how long would it take to implement these changes (whatever they are) and how much, roughly, would it cost ?
posted by selton at 11:15 AM on September 28, 2010


Since ACS:Law apparently google their own name, in combination with usernames, in order to write more letters after they're politely told to bugger off in the first reply, I may well end up on their shitlist at some point for my post above.

Therefore, hapless ACS:Law researcher I can inform you that despite my low opinion of you, your company, your legal practises and your hygiene*, I have never received one of your letters, or one from from of your predecessors. I do not upload, not do I authorise the upload of hardcore pornography via my IP using P2P technologies.

This is because of the following:
1) bittorrent is well slow, innit.
2) I'm an IT professional, and frankly I would not use P2P to share such files using my own login name, with my own email address because I am not thick. Were I do such thing, I would use a throwaway account and a cheap VPN provider from sweden. This is not an admission of using a cheap VPN provider in sweden.
3) Were my wife to find me downloading "FREDDIE'S BRITISH GRANNY FUCK 1", she would literally cut my knob off. No joke.
4) I imagine if I ever did find myself downloading "FREDDIE'S BRITISH GRANNY FUCK 1"**, I would cut off my own knob in genteel British horror.

Ergo, this is not the ArkhanJG you're looking for. Please find someone else to harass.


* Yes, I have no idea about your personal hygiene, ACS:Law researcher. It's about as likely of being accurate as your random accusations of pensioners sharing hard-core pornography, and for the same statistical reason.
** Presumably there's a FREDDIE'S BRITISH GRANNY FUCK 2, and FREDDIE'S BRITISH GRANNY FUCK 3? I'm sure as Freddie fucks grannies not going to be googling it to find out.

posted by ArkhanJG at 11:33 AM on September 28, 2010 [4 favorites]


Ha! One of my old neighbours likes BRITISH UNDERWEAR PARTY.

And another fine band name is born!
posted by davejay at 11:57 AM on September 28, 2010


Incidentally, if anyone finds themselves on the receiving end of one of these speculative invoices, BeingThreatened.com appears to be an excellent resource for contesting the claim - including this pdf about it.

Also, this article and this article on torrentfreak go through some of the revealed emails - and how ACS:Law specifically rate claimants with Action Points on whether they'll be embarrassing to persue, such as bewildered old age pensioners or too destitute to bother with.

In case you were in any doubt about their standards;

On one letter a married man explains how he, his wife and his family have been affected by wrongful allegations that he downloaded gay porn movie ‘Bareback Britain’. Despite denials of any infringement, ACS:Law persist on behalf of client Media CAT and send back in response their template letter known as “Sensitive template”.

A single mother of two explains how her husband who left her the previous year could have been responsible for the infringement and offers to pay the ‘fine’ of £495 in instalments for £20/£30 per month. Despite ACS:Law accepting that the lady did not infringe, a company employee advises “I believe this [the offer to pay in instalments] should be accepted.”


Oh, and ACS:Law keep roughly 40% of the monies raised. And that 30% of claimants pay up, despite ACS:Law having never taken a single alleged infringer to court? Or that they specifically demand £495 in repeated aggressive letters, because it increases the payout rate?

Nice.
posted by ArkhanJG at 11:59 AM on September 28, 2010 [4 favorites]


I'd wonder how people like this can sleep at night, but I'm pretty sure it's on big piles of money...

TorrentFreak has the numbers. TechDirt has the analysis.
posted by Ritchie at 4:18 AM on September 29, 2010


Dang. Just realized ArkhanJG already posted the TorrentFreak link.
posted by Ritchie at 4:20 AM on September 29, 2010


That can only possibly sound hot to people who haven't been near students for the last twenty years.

Have you seen students these days? They're taking their style cues from Gossip Girl. Gone are the days when they shopped in Oxfam and ate value beans. However, the adult superstore on Oxford Street sells plenty of 'chav slut' and granny-based porn if that's your bag.

I can't get the postcode checker to work. We're not on Sky and I don't download porn but I am intrigued. Is it telling you who downloaded what? Because there's a former landlord I fancy having a look on...
posted by mippy at 9:01 AM on September 29, 2010


From the look of what was pasted in this thread and then deleted by Jessamyn, it was showing the post code, the name of the person who had the broadband contract that matched the IP (because that's all you can tell from the IP - not who was actually using the computer) obfuscated like Mr Fred S*********, and the name(s) of the infringing porn film(s). Hence the reason that stuff was deleted from here is that you can quite easily identify someone from their first name and post code.
posted by EndsOfInvention at 9:12 AM on September 29, 2010






« Older How is mixtape formed?   |   The Force of liberal guilt, it is strong. Newer »


This thread has been archived and is closed to new comments