According to the Wasington Post, the personal data of over 2,000 clients of an investment firm were available to the public. One of the firm employee’s used a file-sharing network to trade a media file and erringly opened the files containing this private data. Those involved in this breach, included a Supreme Court Justice. This exposure was not detected until about six months later when a Wahingtonpost.com reader, read one of their blogs and then later used the same file-sharing website as the accused employee.

The file-sharing service is called LimeWire and allows computer users to link to each other’s computers directly in order to share movies, music and other media files. This eliminates the need to use a website to manage data between the two. Many users do not realize that this service also opens up access to all data stored on their computer, not just the files they wish to share.

Earlier this year, personal data (including medical records and social security numbers) for at least 1,000 patients from an army medical center were exposed the same way. Pfizer had an incident of the same nature in 2007, when one of their employee’s installed this software on one of the company’s laptop computers. This breach involved 17,000 current and former personnel.

This entry was posted on Thursday, August 21st, 2008 at 9:28 am and is filed under File sharing and identity theft. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.