Data Breach Caused By Limewire at Investment Firm

Washington Post story which clearly illustrates why you need to be careful with file sharing programs like Limewire, despite the peer-to-peer (P2P) application arena having enormous potential.

Sometime late last year, an employee of a McLean investment firm decided to trade some music, or maybe a movie, with like-minded users of the online file-sharing network LimeWire while using a company computer. In doing so, he inadvertently opened the private files of his firm, Wagner Resource Group, to the public.

P2P applications like Limewire, allows you to share and swap files. Most people use it to share and download movies and music with other users. For those of you who have kids that use your computer, or their own computer on a local home network, be aware of P2P file sharing apps like Limewire. Companies should make it part of their corporate security policy to ban the installation and use of P2P apps (unless of course you have a business need). With P2P applications, such as Limewire, it’s pretty simple to, inadvertently, open up folders on your computer for sharing with the rest of the world.

…officials found that more than a dozen LimeWire users in places as far away as Sri Lanka and Colombia downloaded the list of personal data from the Wagner network.

And if your kids are using your computer and Limewire, you may be sharing your folders already.

In the case outlined in the Washington Post article, the McLean investment firm made two very big mistakes. One, allowing the employee to install and use Limewire. The second, not having their client information encrypted and stored in a secure location. Both of which, could  have easily been avoided using simple solutions.