By Thomas Claburn
February 23, 2010
The Federal Trade Commission on Monday said that it had notified almost
100 organizations in both the public and private sector that they need
to review their security practices.
In letters to these organizations, the FTC says that "at least one
computer file containing sensitive personal information from or about
your customers and/or employees has been shared from your computer
network, or the network of one of your service providers, to a
peer-to-peer file sharing (P2P) network."
Failure to prevent this information from being shared may represent a
violation of one or more laws that the FTC enforces, such as the
Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, and the Federal
Trade Commission Act.
The FTC however has not filed any lawsuits related to these breaches.
FTC Chairman Jon Leibowitz said in a statement that companies of all
sizes are vulnerable to P2P-related breaches. He said that the FTC found
information that could be used to commit identity theft, including
health information, financial data, drivers' license numbers and social
Register now for HITBSecConf2010 - Dubai, the premier
deep-knowledge network security event in the GCC,
featuring keynote speakers John Viega and Matt Watchinski!