A serious data breach involving victims of historical institutional abuse could potentially result in compensation claims running into millions of pounds, a legal source has said.
oncerns were raised after the details of 250 people, including abuse victims, were leaked on Friday in an email error from the office of Brendan McAllister.
A victims' group and several political leaders have already called on Mr McAllister, the interim Advocate for Victims and Survivors of Historical Institutional Abuse, to step down immediately.
Mr McAllister has issued an apology to those affected and said an investigation into the breach is under way.
The leaked communication listed the email addresses of 250 people, with many already instructing their solicitors to launch civil claims.
One man, who asked only to be identified as PJ, said he was one of the victims named on the list.
He said he had been left "outraged" by the breach and would be seeking compensation.
"I have been the victim of a data breach before which caused me to get beaten up.
"The consequence of that now is that I have to sneak into Northern Ireland any time I visit my parents.
"Some people may think this is a trivial thing but it can have serious consequences and I do think Brendan McAllister needs to go."
A legal source said the breach could entitle each person to compensation of at least £10,000 depending on what damage can be shown, potentially bringing the damages bill to £2.5m.
Solicitor Claire McKeegan of Phoenix Law represents the group Survivors and Victims of Institutional Abuse (Savia).
She did not give a figure on the potential costs of any claims, but said the group's trust in the interim advocate had now been "shattered".
"This has had a devastating impact on the victims and survivors who have had their data security seriously breached," she said.
"Many of them have underlying psychiatric conditions which have now been exacerbated by the upset and distress caused by the interim advocate unwittingly releasing their information."
She added that many had now instructed the firm to issue civil cases for compensation and an acknowledgement of the seriousness of the breach.
"Many of them have never shared their childhood experiences with even their families," she said.
"These people need help and support, so for something like this to happen obviously discourages victims and survivors from reaching out to the services that they so badly need."
Solicitor Owen Beattie from KRW Law said his firm had been instructed to issue proceedings on behalf of dozens of victims.
He added that legal precedent pointed to a value of between £5,000-£15,000 for each breach of data protection laws.
Mr Beattie said it was now crucial to make sure the leaked details were not disseminated any further and that the investigation takes place quickly to restore confidence in the interim advocate's office.
Jon McCourt from the group Survivors North West called the breach embarrassing but said he still had full confidence in Mr McAllister.
He said: "I know there has been an apology - whether the trauma this has caused is greater than what an apology can fix remains to be seen."
TUV leader Jim Allister called the breach "a catastrophic failure" and said Mr McAllister had no option but to resign.
"These are people who were shielded from publicity, now exposed by the very person or office which is supposed to be their advocate," he said.
"It's totally preposterous and I think that there's no honourable way forward but for the interim commissioner to resign.
"Their personal data has been exposed in breach of the Data Protection Act, so I do think they will quite rightly be looking to their remedies."
Ulster Unionist MLA Doug Beattie added to calls for McAllister to stand down, saying the breach had been "devastating" for many victims and eroded trust in the office.
The SDLP MLA Colin McGrath did not go as far as calling for a resignation, but said it was "very worrying news" and welcomed the apology and that an investigation was taking place.