P2P breach hits Congress

Congress is looking a little sheepish right now after confidential information about House Ethics Committee investigations were loaded onto public file-sharing computer networks and became available for the world to see. The data breach occurred when a junior staff member, since fired, inadvertently downloaded a document into the public domain in a P2P snafu.

As of last Friday, it had been downloaded by users in Washington, New York, London and elsewhere, the Washington Post reports.

It was a wakeup call for House leaders who have ordered an "immediate and comprehensive assessment" of congressional cybersecurity policies. More importantly, it has caused enormous embarrassment for the House Ethics Committee and about 30 House members whose conduct and activities allegedly are being reviewed. It is unclear how substantial the probes are or whether the committee is even investigating every report of misconduct that comes its way.

Speaker Nancy Pelosi (D-Calif.) and Minority Leader John A. Boehner (R-Ohio) stepped up to regain control of the situation following the disclosure. "We are working diligently to provide the highest level of data security for the House in order to ensure that the operations of House offices are secure from unauthorized access," Pelosi and Boehner said in a statement.

The culprit is a popular software that allows computer users to share music or other files and is easily available online. But it also allows anyone with the software on a computer to access documents of another user without permission, as long as the users are on a file-sharing network at the same time.

"Individual error and sloppiness is always the Trojan horse of cybersecurity," said Rep. Zoe Lofgren, chairman of the ethics committee.

For more on this latest government data breach:
- see this Washington Post article

Related Articles:
Soldiers' data stolen exploiting P2P
Time to control P2P usage on fed computers
10 most terrifying IT breaches of 2009