Government Technology

Report: 'Widespread' Data Exposure on P2P File-Sharing Networks



February 22, 2010 By

At nearly 100 U.S. organizations -- including schools and local governments -- users with access to peer-to-peer (P2P) file-sharing networks can steal sensitive information about customers and employees, and these data breaches can be used to commit identity theft and fraud, according to a report Monday, Feb. 22, by the Federal Trade Commission (FTC), the nation's consumer protection agency.

The FTC sent out notification letters to these organizations and has launched investigations of other companies with sensitive data that has been exposed on P2P networks. While P2P technology is used to play games, make online calls, share music, videos and documents, incorrect configurations of the P2P file-sharing software can make personal information public.

In a release about the breaches, FTC Chairman Jon Leibowitz said, "We found health-related information, financial records, and driver's license and Social Security numbers -- the kind of information that could lead to identity theft. Companies should take a hard look at their systems to ensure that there are no unauthorized P2P file-sharing programs and that authorized programs are properly configured and secure."

The FTC is releasing educational materials to help businesses learn how to manage risks, and Leibowitz also said companies that distribute P2P programs should take precautions to make sure that their software doesn't share files inadvertently.

In the letters, the FTC urged the exposed organizations to review their own security practices as well as those of contractors and vendors.

"It is your responsibility to protect such information from unauthorized access, including taking steps to control the use of P2P software on your own networks and those of your service providers," the letters said.

Tips for consumers about computer security and P2P can be found at www.onguardonline.gov/topics/p2p-security.aspx. To file a complaint, visit www.ftccomplaintassistant.gov or call 1-877-382-4357.

 


| More

Comments

Janice Taylor-Gaines    |    Commented February 23, 2010

I think David Scott is right: Most individuals and organizations enjoy Security largely as a matter of luck. Anyone else here reading I.T. WARS? I had to read parts of this book as part of my employee orientation at a new job. The book talks about a whole new culture as being necessary - an eCulture - for a true understanding of security, being that most identity/data breaches are due to simple human errors. It has great chapters on security, as well as risk, content management, project management, acceptable use, various plans and policies, and so on. Just Google IT WARS - check out a couple links down and read the interview with the author David Scott at Boston's Business Forum. (Full title is I.T. WARS: Managing the Business-Technology Weave in the New Millennium).

Janice Taylor-Gaines    |    Commented February 23, 2010

I think David Scott is right: Most individuals and organizations enjoy Security largely as a matter of luck. Anyone else here reading I.T. WARS? I had to read parts of this book as part of my employee orientation at a new job. The book talks about a whole new culture as being necessary - an eCulture - for a true understanding of security, being that most identity/data breaches are due to simple human errors. It has great chapters on security, as well as risk, content management, project management, acceptable use, various plans and policies, and so on. Just Google IT WARS - check out a couple links down and read the interview with the author David Scott at Boston's Business Forum. (Full title is I.T. WARS: Managing the Business-Technology Weave in the New Millennium).

Janice Taylor-Gaines    |    Commented February 23, 2010

I think David Scott is right: Most individuals and organizations enjoy Security largely as a matter of luck. Anyone else here reading I.T. WARS? I had to read parts of this book as part of my employee orientation at a new job. The book talks about a whole new culture as being necessary - an eCulture - for a true understanding of security, being that most identity/data breaches are due to simple human errors. It has great chapters on security, as well as risk, content management, project management, acceptable use, various plans and policies, and so on. Just Google IT WARS - check out a couple links down and read the interview with the author David Scott at Boston's Business Forum. (Full title is I.T. WARS: Managing the Business-Technology Weave in the New Millennium).


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Fresh Ideas In Online Security for Public Safety Organizations
Lesley Carhart, Senior Information Security Specialist at Motorola Solutions, knows that online and computer security are more challenging than ever. Personal smartphones, removable devices like USB storage drives, and social media have a significant impact on security. In “Fresh Ideas in Online Security for Public Safely Organizations,” Lesley provides recommendations to improve your online security against threats from social networks, removable devices, weak passwords and digital photos.
Meeting Constituents Where They Are With Dynamic, Real-Time Mobile Engagement
Leveraging the proven and open Kofax Mobile Capture Platform, organizations can rapidly integrate powerful mobile engagement solutions across the spectrum of mobile image capture, mobile data capture and complete mobile process integration. Kofax differentiates itself by extending capture to mobility, supporting multiple points of constituent engagement. Kofax solutions dynamically orchestrate the user’s mobile experience from a single platform—reducing time to market, improving process perf
Public Safety 2019
Motorola conducted an industry survey on the latest trends in public safety communications. The results provide an outlook of what technology is in store for your agency in the next five years. Download the results to gain this valuable insight.
View All

Featured Papers