Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to del.icio.us  
Sensitive gov't docs leaked over peer-to-peer
Published: 2009-10-30

The Congressional Committee on Standards of Official Conduct confirmed on Thursday that sensitive files from the group's deliberations had been leaked to the public via a peer-to-peer file sharing network.

Some 30 members of the House of Representatives and staff members are currently being investigated by the bi-partisan group of representatives, according to a confidential report prepared by the committee in July and leaked inadvertently by a staff member. The 22-page report summarizes the investigations of the ethics committee, according to an article in the Washington Post.

"Our initial review suggests that this unlawful access to confidential information involved the use of peer-to-peer file sharing software on the personal computer of a junior staffer, who is no longer employed by the Committee, while working from home," the committee said in a statement issued on Thursday. "The potential exposure is limited to several specific documents."

The security slip is the latest by members of Congress. Despite holding multiple hearings on the failings of federal agencies to secure their systems, multiple members of Congress have had their own systems compromised and data stolen. In 2006, a staff member of a Republican lawmaker attempted to hire hackers to change a college grade, but fell prey to practical jokers at Attrition.org. In another incident in 2004, two Republican staffers accessed thousands of confidential Democratic memos and leaked them to colleagues.

In the latest incident, the committee warned colleagues to take care with confidential documents.

"Although peer-to-peer technology may offer benefits to the users of such networks -- whether consumers, businesses or government -- they should also be aware of (the) risks that may be associates with their use," the committee said in its statement.

If you have tips or insights on this topic, please contact SecurityFocus.



Posted by: Robert Lemos
    Digg this story   Add to del.icio.us  
 
Comments Mode:







 

Privacy Statement
Copyright 2009, SecurityFocus