The Twitter account of Arron Banks, the founder of the pro-Brexit campaign Leave.EU, has been hacked.
The perpetrator has leaked thousands of his private messages to and from dozens of other people spanning several years.
In a statement, Mr Banks accused Twitter of taking too long to tackle the issue and said the social network had "deliberately chosen" to leave his personal information online.
Twitter said it had "taken steps to secure the compromised account".
"We will continue to take firm enforcement action in line with our policy which strictly prohibits the distribution on our service of materials obtained through hacking," Twitter said in a statement.
A statement from https://t.co/p8LEuOGIf2 chairman Arron Banks:— Leave.EU (@LeaveEUOfficial) November 19, 2019
It is not known who carried out the attack.
The data was made available by the hackers in the form of a link to a download. The original file is no longer online.
One expert said the hacker, if caught, could be prosecuted under the Computer Misuse Act, and that others who made use of the material would be walking into a legal minefield.
"Even if Arron Banks was using Twitter in a private capacity rather than as Leave.EU, the data was misappropriated from Twitter and that likely engages the Data Protection Act," commented Tim Turner, a data protection consultant.
"There are public interest defences for using unlawfully obtained data, but that requires a journalist or other person to gamble that they can successfully argue that the public interest supports whatever use they make of it.
"You cannot know for certain that the public interest will back up any particular course of action; a person would have to act first, and see what follows."
Avon and Somerset Police has confirmed that it is investigating the matter.
"We're investigating whether any offences have been committed under the Computer Misuse Act after we received a report a Twitter account was compromised," said a spokesman.
In February 2019, Leave.EU and an insurance company owned by Mr Banks were fined £120,000 by the Information Commissioner's Office for breaching data protection laws.
"Arron Banks has shown extraordinary contempt for the ICO and British data laws and so this is a moment for him to reflect on the need for those laws and a regulator to enforce them," said the journalist Carole Cadwalladr.
Ms Cadwalladr and Mr Banks have had many battles over her investigations into his affairs.
#arronbanksleaks Right. I've just been sent the first set of direct messages from the file. They're pretty explosive. What are the ethics/legals on this, world?— Carole Cadwalladr (@carolecadwalla) November 19, 2019
She said in a tweet that she had been sent some direct messages, said to be from the hacked account.
They were "pretty explosive" she tweeted.
Ms Cadwalladr told the BBC she had not downloaded any data.
Mr Banks' Twitter account was suspended following the breach but is now working again.