A law firm that advises customers on ecommerce and employment law has been sucked into an embarrassing high-profile email chain.

Norton Rose employee Bradley Chait received a sexually explicit joke from friend Clare Swires which led to an exchange of saucy emails between the two.

Chait then forwarded Swire's comments to friends, who in turn forwarded them to friends and colleagues. It is estimated that the exchange has now been read by more than one million users, each with Norton Rose's contact details attached.

Andrea Turrell, head of communications at Norton Rose, said that its security systems had not picked up the potentially embarrassing transmission and that Chait himself alerted the firm to the situation.

Turrell said that such emails were practically impossible to detect, despite high levels of security. "We have a substantial IT department with a full-time security manager, and we regularly monitor text emails. Had the message contained obscenities or vulgarities, our systems would have detected it. The original joke, however, simply mentioned a perfectly acceptable medical word."

The incident illustrates how an apparently trivial prank can tarnish a company's trading name. Turrell said that the interest generated by the story in the tabloids had crashed its corporate website.

Warren Foot, head of employment law at solicitor Tarlo Lyons, said that employers must ensure that email policies are made crystal clear to staff. "The stern lesson here is that email is the most insecure method of sending personal data," he said.

Turrell said the company could not comment on whether anyone would be dismissed, but said that there have been sackings in cases similar to this at other companies.