DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

More p2p fiascos

Posted on February 13, 2009 by Dissent

Rian from RedTeam Protection, a division of Tony Josephs and Sons Investigations Inc., just sent me another batch of p2p cockups that exposed personal — and in some cases — sensitive medical — information. In each case, RedTeam advised the entity and/or helped ensure removal of the filesharing application. Some of these breaches are more security-related than privacy-related, but they’re all reminders of the risks. What a shame that most of these never seem to get reported to states so that they can be included in our chronologies and databases. RedTeam doesn’t reveal the names of the entities, however, and treats all of their findings as confidential.

An employee of a Virginia based family counseling corporation, leaked out 1,698 files onto the gnutella file sharing network. These documents included Individualized Service Plans, which included psychological evaluations, Medicaid numbers, social security numbers, and dates of birth.

The administrator of a California based treatment home, leaked 1,632 business documents onto the gnutella P2P network, including Individualized Service Plans, including dates of birth, complete medical histories, and
health insurance numbers.

The owner of a California based music studio, published 2,436 business related files onto the gnutella file sharing network. The files included personal contact information and signatures of well known musicians.

An executive at a United Arab Emirates based insurance provider, made publicly assessable 2,435 business related documents, including insurance numbers, scanned certificates, and workers compensation claims.

A Turkish accountant published 6,882 files onto the gnutella file sharing network, which included client balance sheets, account numbers, nondisclosure agreements, confidential merger information, and five years of faxes stored on the accountant’s hard drive.

A family counselor at a Washington, DC based treatment center, made 4,886 files accessible over the gnutella file sharing network. These files included the personal identifiers of juveniles seeking treatment for various behavioral issues, in addition to psychological profiles and emergency contact information.

A facilities manager at a national engineering consultancy published 13,038 files onto the gnutella file sharing network. These files contained confidential security and safety information for an manufacturing plant,
numerous vendor non disclosure agreements and internal correspondence.

A security manager at a Louisiana based chemical plant leaked 107 confidential files onto the gnutella P2P network. These files included bomb threat procedures, internal contact numbers, login names and passwords for the plant security system, contingency management documents and radio frequency assignments.

An employee of a presidential protection unit in Africa, published 2,298 files onto the gnutella file sharing network, including intelligence reports regarding child soldiers and pending investigations.

An executive at an Indonesian airline corporation published 9,263 files onto the gnutella P2P network, including security documents, human resource information and thousands of files relating to internal communications and vendor relations.

The superintendent/former superintendent of a Texas based school district, published 11,884 internal files onto the gnutella files sharing network. These files included confidential correspondence with parents, confidential grade sheets with dates of birth and student ID numbers, and confidential statistics listing grades sorted by demographics such as age and race.

Previous coverage of p2p breaches here.

No related posts.

Category: Breach IncidentsBusiness SectorEducation SectorExposureHealth DataNon-U.S.U.S.

Post navigation

← VA suspends contractor over patient data security
First arrests made in Heartland data breach case →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure
  • Kentfield Hospital victim of cyberattack by World Leaks, patient data involved
  • India’s Max Financial says hacker accessed customer data from its insurance unit
  • Brazil’s central bank service provider hacked, $140M stolen
  • Iranian and Pro-Regime Cyberattacks Against Americans (2011-Present)
  • Nigerian National Pleads Guilty to International Fraud Scheme that Defrauded Elderly U.S. Victims
  • Nova Scotia Power Data Breach Exposed Information of 280,000 Customers
  • No need to hack when it’s leaking: Brandt Kettwick Defense edition
  • SK Telecom to be fined for late data breach report, ordered to waive cancellation fees, criminal investigation into them launched
  • Louis Vuitton Korea suffers cyberattack as customer data leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • On July 7, Gemini AI will access your WhatsApp and more. Learn how to disable it on Android.
  • German court awards Facebook user €5,000 for data protection violations
  • Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher
  • Ninth Circuit Reviews Website Tracking Class Actions and the Reach of California’s Privacy Law
  • US healthcare offshoring: Navigating patient data privacy laws and regulations
  • Data breach reveals Catwatchful ‘stalkerware’ is spying on thousands of phones
  • Google Trackers: What You Can Actually Escape And What You Can’t

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.