FTC Chairman Jon Leibowitz says data leaks can lead to ID theft. The Federal Trade Commission today put nearly 100 companies and agencies on notice that their employees appear to be regularly leaking large amounts of sensitive customer and employee data on popular peer-to-peer, or P2P, file-sharing networks.
The FTC did not name names, either of the victimized organizations or of the P2P networks. FTC Chairman Jon Leibowitz warned that “companies and institutions of all sizes are vulnerable to serious P2P-related breaches, placing consumers' sensitive information at risk,"
This is a long-debated concern on which studies have been done and for which Congressional hearings have been held. The basic problem has to do with well-meaning employees taking company files home and loading them on their personal PCs to work on.
If that PC is subsequently used to download free music or videos at LimeWire, Kazaa or dozens of other P2P networks -- and the user is not careful about configuring the download -- work files can get exposed to all users of the network. “It sounds preposterous, but sensitive information leaking out unintentionally like this is amazingly common," says Eric Johnson, director of digital strategies at Dartmouth's Tuck School of Business.
In fact, data leakage via P2P networks has become so commonplace that there are cybercrime gangs who specialize in continually searching P2P sites for sensitive work documents. FTC investigators easily found health-related information, financial records, drivers' license and social security numbers accessible on P2P networks -- “the kind of information that could lead to identity theft," says Leibowitz.
The FTC did not name names, either of the victimized organizations or of the P2P networks. FTC Chairman Jon Leibowitz warned that “companies and institutions of all sizes are vulnerable to serious P2P-related breaches, placing consumers' sensitive information at risk,"
This is a long-debated concern on which studies have been done and for which Congressional hearings have been held. The basic problem has to do with well-meaning employees taking company files home and loading them on their personal PCs to work on.
If that PC is subsequently used to download free music or videos at LimeWire, Kazaa or dozens of other P2P networks -- and the user is not careful about configuring the download -- work files can get exposed to all users of the network. “It sounds preposterous, but sensitive information leaking out unintentionally like this is amazingly common," says Eric Johnson, director of digital strategies at Dartmouth's Tuck School of Business.
In fact, data leakage via P2P networks has become so commonplace that there are cybercrime gangs who specialize in continually searching P2P sites for sensitive work documents. FTC investigators easily found health-related information, financial records, drivers' license and social security numbers accessible on P2P networks -- “the kind of information that could lead to identity theft," says Leibowitz.
For more information contact All About Jazz.
