The addresses were released during a test, Marston says
A bailiff group has apologised for the "accidental release" of hundreds of e-mail addresses to the recipients of a debt-chasing message.
A message was sent by the enforcement recovery section of the Marston Group chasing the overdue repayment of loans.
But attached was a list of more than 600 e-mail addresses.
A spokeswoman for the Information Commissioner said the subject of the e-mail was sensitive and the case was a potential Data Protection Act breach.
The Marston Group, based in Westminster in London, is one of the biggest bailiff and court enforcement groups in the UK and has a contract to collect unpaid parking fees and other debts.
At the end of last week, a group of people received an e-mail, seen by the BBC, chasing repayment to a payday loan company.
It warns that an enforcement officer would be sent to the recipient's home in relation to the outstanding debt.
The e-mail appears to have been sent to more than 600 people as all of their e-mail addresses are visible in the "To" box of the e-mail.
The Information Commissioner's Office said it expected companies sending out such mass e-mails to put addresses in the blind "Bcc" box so they were hidden from other recipients.
"They have got to be respectful to the sensitivity of the issue," a spokeswoman said.
The addresses were released by accident in a test of the e-mail system, a spokeswoman for the Marston Group said.
"We are currently contacting everyone whose e-mail address was disclosed to apologise and inform them that immediate steps are being taken to prevent any reoccurrence," she said.
She added that the incident had been treated very seriously, an investigation had taken place and steps had been taken to stop it happening again.
The company would not explain who was on the list of names and why, citing legal reasons.
But Marc Gander, of the Consumer Action Group (CAG), said that the list included at least some people who were being chased for unpaid debts - and as a result it was particularly embarrassing for their names to be circulated.
"The stories of the careless handling of personal data are now a regular occurrence," he said.
"This irresponsible disclosure of personal information by the Marston Group is just another example."
The spokeswoman at the Information Commissioner's Office said she was not aware of any complaints as yet, but the case could be a potential breach of the Data Protection Act.