ABN Amro employee exposes personal data on 5,000 mortgagees by installing BearShare
In another instance of security leaks caused by peer-to-peer file sharing software, Citigroup's ABN Amro mortgage unit Friday reported that a former employee has exposed three spreadsheets containing more than 5,000 Social Security numbers and other personal details about customers.
Tiversa, a Pittsburgh company that offers data-leakage protection services, traced the origins of the ABN data to a Florida computer with the BearShare software installed, according to a report.
BearShare, LimeWire, and scores of other peer-to-peer (P2P) programs are designed to distribute and find songs, movies, and other files over the Gnutella file-sharing network. Several other P2P-related data leaks have been reported this year, including the loss of some 17,000 names and Social Security numbers at Pfizer. (See Pfizer Falls Victim to P2P Hack.)
Tiversa Chief Executive Robert Boback said Tiversa had yet to perform a full analysis to see how far the data had spread worldwide, but found evidence the files already had moved beyond the former employee's computer.
"There is no question in my mind that... identity thieves have these files, and if they haven't already, they will be acting on them very soon," Boback said Friday. Tiversa was investigating the breach on behalf of a reporter for Dow Jones Newswires, which reported on the leakage earlier.
Boback said more than 1 billion searches are conducted daily over peer-to-peer systems. A good number involve bank names, the word "password," and other terms that appear to be attempts by would-be thieves to dig up other people's sensitive documents, he said.
Citigroup says it's investigating the leak.
— Tim Wilson, Site Editor, Dark Reading
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024