According to the Identity Theft Assistance Center, a national nonprofit coalition dedicated to protecting consumers from identity theft, throughout 2008 “criminals will continue to exploit new technologies to commit identity theft.” At the top of their list of “major event” security breaches from 2007 is a case involving a peer-to-peer (P2P) file-sharing network. Similarly, the SANS Institute has identified P2P file-sharing applications as one of the most crucial Internet security vulnerabilities.
The Associated Press recently reported that “more than 1 billion searches are conducted daily over peer-to-peer systems. A good number involved bank names, the word “password” and other terms that appear to be attempts by would-be thieves to dig up other people’s sensitive documents.”
Kids & Digital Content reports that 70 percent of tweens (kids ages 9 through 14) are downloading digital music. The NPD Group has stated that “high levels of illegal peer-to-peer (P2P) file sharing” are attributed as the source of those downloads. “Despite the severe risk of using P2P networks, their popularity is on the rise,” said Todd Feinman, CEO of Identity Finder. He added that, “Millions of Americans use file sharing to download music, movies and games over the Internet but don’t realize they’re inadvertently letting strangers download their own, their colleagues — or, in the case of tweens, their parents’ — financial, tax return and personal files.”
The problem with many of the P2P applications is they often lead to an individual sharing everything on his or her computer. Last month, Mary Engle of the Federal Trade Commission stated, “We're concerned that consumers may accidentally share folders that contain private documents that they don't intend to share.” The danger here is clear, as it is commonly acknowledged that criminals now troll file-sharing networks for the sole purpose of finding sensitive data that can be used to commit identity theft.
While companies are educating employees on the dangers of P2P applications, people continue to use them at work and at home, often believing that their firewall and antivirus software will protect them. But these traditional security products simply cannot protect against inadvertent disclosure or sophisticated hackers.
One solution, Identity Finder, however, has the ability to automatically search for Social Security numbers, credit card numbers, passwords and other confidential information inside documents, spreadsheets, e-mails, Web browsers and hidden areas of computers. It then helps individuals securely delete the data or protect the information with encryption.
“By installing Identity Finder, enterprises and individuals alike can stay one step ahead of the criminals and effectively offset most vulnerabilities associated with file sharing applications,” explained Feinman.
Below are three examples of 2007’s “major events” involving file sharing:
- November 2007: Thirty-five-year old Seattle man pleads guilty to using P2P file-sharing programs to access the computers of victims and steal their personal information from tax returns, credit reports, bank statements and student financial aid applications.
- September 2007: More than 5,000 Social Security Numbers and other personal information on customers of Citigroup’s ABN Amro Mortgage Group were exposed over a P2P file-sharing network. A former business analyst joined a file-sharing network where people share music and video. Work-related information that she had downloaded onto her personal computer was inadvertently shared.
- June 2007: More than 17,000 Social Security numbers of current and former Pfizer employees were exposed by a laptop owned by Pfizer and used by an employee. The employee’s spouse used a P2P file-sharing program and inadvertently shared documents containing the personal information.