Identity Theft Greatest 2008 Threat From P2P File Sharing
While 2007 saw a record number of consumers negatively impacted,
2008 promises to continue with an abnormally high amount of data
breaches as identity thieves continue to adjust their tactics to match
evolving information security practices.
According to statistics published by the Identity Theft Resource
Center, 125,142,405 consumers were unnecessarily exposed to
identity theft in 2007. Folks, that's nearly 1/2 of the entire U.S.
While we have reviewed a financial services industry research firm's
claim that 2008 is forecasted to be a year of decline in terms of the
number of aggregate data breaches involving consumer identity
theft exposure, we believe there is considerable room for improvement.
According to the Identity Theft Assistance Center & the SANS
Institute, popular P2P file sharing applications pose one of the
single most vulnerable internet security holes to be exploited
this year by identity thieves.
From a recent Help Net Security article on the topic, the
Associated Press reported that “more than 1 billion
searches are conducted daily over peer-to-peer systems.
A good number involved bank names, the word “password”
and other terms that appear to be attempts by would-be
thieves to dig up other people’s sensitive documents.”
Think this is just a warning only, think again as the
Help Net Security article pointed out how just 3 of the
top consumer data security breaches from 2007 were
attributed to file sharing applications:
November, 2007 - Thirty-five year old Seattle man
pleads guilty to using P2P file sharing programs to access
the computers of victims and steal their personal information
from tax returns, credit reports, bank statements and
student financial aid applications.
September, 2007 - Over 5,000 social security numbers
and other personal information on customers of
Citigroup’s ABN Amro Mortgage Group were
exposed over a P2P file sharing network. A
former business analyst joined a file sharing
network where people share music and video.
Work-related information that she had downloaded
onto her personal computer was inadvertently shared.
June, 2007 – Over 17,000 social security numbers of
current and former Pfizer employees were exposed
by a laptop owned by Pfizer and used by an employee.
The employee’s spouse used a P2P file sharing program
and inadvertently shared documents containing the
So, our tip for today is directed to parents who let
their children utilize popular P2P file sharing applications
such as Limewire, etc.
You have two choices to protect yourself from inadvertent
identity theft exposure. First, you can simply delete the
P2P file sharing software from your hard drive and
make sure your child does not have administrator
level rights to reinstall it at some later date.
Or, secondly, you can backup any sensitive files to a
thumb drive and then subsequently delete those
files off your hard drive altogether.
Failure to do either of these two can result in your sensitive
personal information from being needlessly exposed to
identity thieves who could even by half way around the
world operating in some foreign country well beyond the
reach of our local law enforcement authorities.