FTC warns 100 companies of P2P Data leaks

P2P networks opens up PCs or corporate networks so that data on these systems can be transported as noted below.  Strong corporate policies and monitoring are needed to prevent this exposure.

FTC warns 100 companies of P2P Data leaks
http://www.ftc.gov/opa/2010/02/p2palert.shtm

QUOTE: The Federal Trade Commission has notified almost 100 organizations that personal information, including sensitive data about customers and/or employees, has been shared from the organizations’ computer networks and is available on peer-to-peer (P2P) file-sharing networks to any users of those networks, who could use it to commit identity theft or fraud. The agency also has opened non-public investigations of other companies whose customer or employee information has been exposed on P2P networks.

Peer-to-peer technology can be used in many ways, such as to play games, make online telephone calls, and, through P2P file-sharing software, share music, video, and documents. But when P2P file-sharing software is not configured properly, files not intended for sharing may be accessible to anyone on the P2P network.

“Unfortunately, companies and institutions of all sizes are vulnerable to serious P2P-related breaches, placing consumers’ sensitive information at risk. For example, we found health-related information, financial records, and drivers’ license and social security numbers--the kind of information that could lead to identity theft,” said FTC Chairman Jon Leibowitz. “Companies should take a hard look at their systems to ensure that there are no unauthorized P2P file-sharing programs and that authorized programs are properly configured and secure