UK Shopping City, which exposed personal data about its customers on the Web, pulls down the offending Web pages and says it is aware of the problem.
The Internet shopping destination, a site that features many well-known retailers, unwittingly exposed details such as addresses, phone numbers, genders and ages of more than 1,700 individuals. The shoppers had filled out a form, which in turn also asked them to recommend three friends--who were also listed online by name and e-mail address--taking the total number affected to almost 7,000.
"We've been running this site since 1995, and since changing over servers recently there must have been a problem," said Nicholas Tee, managing director of UK Shopping City.
He said his company is aware of the Data Protection Act 1998 and that he even wrote to the Information Commissioner's Office four to five months ago with a complaint of his own.
Tee said the online retailer acted as quickly as it could to fix the problem.
The company said that it is new to the problem of personal privacy leaks.
"We've never had problems before, but people will always have them. It's a never-ending rat race and there will always be doors in the back of systems," said Alan Walker, Web master of UK Shopping City.
He said it is unlikely the company will contact people whose details have been exposed.
Lawyers on Tuesday said that authorities must impose financial punishments on even minor breaches of the Data Protection Act.
The Information Commissioner's Office said it would look into the case.
Silicon.com's Tony Hallett reported from London.