In another instance of security leaks caused by peer-to-peer file sharing software, Citigroup's ABN Amro mortgage unit Friday reported that a former employee has exposed three spreadsheets containing more than 5,000 Social Security numbers and other personal details about customers.
BearShare, LimeWire, and scores of other peer-to-peer (P2P) programs are designed to distribute and find songs, movies, and other files over the Gnutella file-sharing network. Several other P2P-related data leaks have been reported this year, including the loss of some 17,000 names and Social Security numbers at Pfizer. (See Pfizer Falls Victim to P2P Hack.)
Tiversa Chief Executive Robert Boback said Tiversa had yet to perform a full analysis to see how far the data had spread worldwide, but found evidence the files already had moved beyond the former employee's computer.
"There is no question in my mind that... identity thieves have these files, and if they haven't already, they will be acting on them very soon," Boback said Friday. Tiversa was investigating the breach on behalf of a reporter for Dow Jones Newswires, which reported on the leakage earlier.
Boback said more than 1 billion searches are conducted daily over peer-to-peer systems. A good number involve bank names, the word "password," and other terms that appear to be attempts by would-be thieves to dig up other people's sensitive documents, he said.
Citigroup says it's investigating the leak.
Tim Wilson, Site Editor, Dark Reading