FTC finds sensitive data on P2P networks, issues warning

The FTC issues a warning about personal and sensitive information, including social security numbers, being found on peer-to-peer networks
Written by Sam Diaz, Inactive

There are more than just pirated movies and music on peer-to-peer networks these days. The Federal Trade Commission says there are also financial records, social security numbers, driver's license numbers and health-related information on those networks.

It's important to note that the government isn't suggesting that some sort of widespread identity theft hacking has been going on. Instead, officials believe its some cluelessness and carelessness among workers with access to this sort of data that may be to blame.

The agency said it has notified 100 organizations whose data was found on the P2P networks and is releasing new educational materials that explain the risks of using such networks and suggestions on how to manage their use. At issue is the configuration of the networks, which could automatically cause files uploaded to certain folders on a hard drive to be shared across the P2P network.

In a statement, FTC chairman Jon Leibowitz said:

Unfortunately, companies and institutions of all sizes are vulnerable to serious P2P-related breaches, placing consumers’ sensitive information at risk...Companies should take a hard look at their systems to ensure that there are no unauthorized P2P file-sharing programs and that authorized programs are properly configured and secure. Just as important, companies that distribute P2P programs, for their part, should ensure that their software design does not contribute to inadvertent file sharing.

The agency said notices went to both private and public entities, including schools and local governments, of all sizes. The agency also stressed that receiving a latter didn't necessarily mean that the entity violated any law enforceable by the FTC. The notices went to entities both under and not under FTC jurisdiction.

Editorial standards