The United States Federal Trade Commission (FTC) said it had notified nearly a hundred entities about security breaches in their computer systems that allowed confidential customer and employee data to end up on P2P networks (peer to peer).
The use of this type of software – used to share files, videos, music and photos, for example – in an unauthorized manner, with poor configuration or weak security mechanisms, on computers connected to corporate networks, it may have been the source of the dissemination of information stored in computer systems , it is admitted.
The public body declined to reveal the identity of the affected organizations, adding that private companies and public entities – including schools and local authorities – with such disparate dimensions, ranging from structures with 8 employees to large companies with tens of thousands of employees.
In a statement published this Monday, the FTC stated that among the information that was accessible on file-sharing networks are personal data related to health, finances, driving licenses and social security numbers, for example, that «can carry identity theft or fraud. «
In the document, the body stresses the responsibility of companies to safeguard personal data hosted on their computer systems and the need to take measures to control the software used on their networks.
He also advised companies to carefully analyze their systems to ensure that unauthorized P2P programs are not being used or that those that have been authorized are properly configured and secure, in order to avoid inadvertent information sharing.