FTC: Data breaches linked to P2P services

The Federal Trade Commission is on a hunt to deal with data breaches after pinpointing a practice that is increasingly the culprit.

The FTC sent letters to 100 organizations where personal data, including Social Security numbers, had been leaked through peer-to-peer web services. The organization said it had discovered the widespread data breaches at companies, schools and local governments. It turns out employees were swapping music, software and movies over the Internet.

"Unfortunately, companies and institutions of all sizes are vulnerable to serious P2P-related breaches, placing consumers' sensitive information at risk," FTC Chairman Jon Leibowitz said in a news release. The agency said it has launched separate investigations of some companies as a result of its file-swapping inquiry.

Leibowitz went on to say: "Companies should take a hard look at their systems to ensure that there are no unauthorized P2P file-sharing programs and that authorized programs are properly configured and secure."

The investigation is the broadest of its kind by the agency, according to security experts. It comes at a time when Internet privacy is under a microscope, and the federal government is working hard to prevent breaches from government systems, often the fault of employees working inside.

Jeffrey Chester, executive director of the Center for Digital Democracy, tells the Washington Post:  "Everything is coming to a head here and the FTC is acting effectively and prudently in trying to grapple with this very fast moving marketplace."

The FTC action follows a P2P disaster on Capitol Hill that became a wake-up call across government. In that case, a congressional aide on the House ethics committee used a P2P network that allowed a document on her server outlining ethical allegations against 30 House members to be released to the public.

For more on the FTC and P2P cases:
- see this Washington Post article

Related Article:
P2P breach hits Congress