DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

More p2p fiascos

Posted on February 13, 2009 by Dissent

Rian from RedTeam Protection, a division of Tony Josephs and Sons Investigations Inc., just sent me another batch of p2p cockups that exposed personal — and in some cases — sensitive medical — information. In each case, RedTeam advised the entity and/or helped ensure removal of the filesharing application. Some of these breaches are more security-related than privacy-related, but they’re all reminders of the risks. What a shame that most of these never seem to get reported to states so that they can be included in our chronologies and databases. RedTeam doesn’t reveal the names of the entities, however, and treats all of their findings as confidential.

An employee of a Virginia based family counseling corporation, leaked out 1,698 files onto the gnutella file sharing network. These documents included Individualized Service Plans, which included psychological evaluations, Medicaid numbers, social security numbers, and dates of birth.

The administrator of a California based treatment home, leaked 1,632 business documents onto the gnutella P2P network, including Individualized Service Plans, including dates of birth, complete medical histories, and
health insurance numbers.

The owner of a California based music studio, published 2,436 business related files onto the gnutella file sharing network. The files included personal contact information and signatures of well known musicians.

An executive at a United Arab Emirates based insurance provider, made publicly assessable 2,435 business related documents, including insurance numbers, scanned certificates, and workers compensation claims.

A Turkish accountant published 6,882 files onto the gnutella file sharing network, which included client balance sheets, account numbers, nondisclosure agreements, confidential merger information, and five years of faxes stored on the accountant’s hard drive.

A family counselor at a Washington, DC based treatment center, made 4,886 files accessible over the gnutella file sharing network. These files included the personal identifiers of juveniles seeking treatment for various behavioral issues, in addition to psychological profiles and emergency contact information.

A facilities manager at a national engineering consultancy published 13,038 files onto the gnutella file sharing network. These files contained confidential security and safety information for an manufacturing plant,
numerous vendor non disclosure agreements and internal correspondence.

A security manager at a Louisiana based chemical plant leaked 107 confidential files onto the gnutella P2P network. These files included bomb threat procedures, internal contact numbers, login names and passwords for the plant security system, contingency management documents and radio frequency assignments.

An employee of a presidential protection unit in Africa, published 2,298 files onto the gnutella file sharing network, including intelligence reports regarding child soldiers and pending investigations.

An executive at an Indonesian airline corporation published 9,263 files onto the gnutella P2P network, including security documents, human resource information and thousands of files relating to internal communications and vendor relations.

The superintendent/former superintendent of a Texas based school district, published 11,884 internal files onto the gnutella files sharing network. These files included confidential correspondence with parents, confidential grade sheets with dates of birth and student ID numbers, and confidential statistics listing grades sorted by demographics such as age and race.

Previous coverage of p2p breaches here.

Related posts:

  • And yet even more p2p breaches
  • Patient breaches and P2P networks
  • Debt collection firm exposed patient data on P2P network – FTC
  • FTC Charges EPN and Franklin’s Budget Car Sales Exposed Sensitive Information on Peer-to-Peer File-Sharing Networks, Putting Thousands of Consumers at Risk
Category: Breach IncidentsBusiness SectorEducation SectorExposureHealth DataNon-U.S.U.S.

Post navigation

← VA suspends contractor over patient data security
First arrests made in Heartland data breach case →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked
  • Breaches have consequences (sometimes) (1)
  • Kansas City Man Pleads Guilty for Hacking a Non-Profit

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.