The Washington Post broke a story last night that should prick up the ears of information security and compliance officers. The names of more than 30 lawmakers under scrutiny by the highly secretive House ethics committee for possible ethics violations were leaked when a “low-level” staffer working from home put them on a peer-to-peer file sharing network.
The security breach brought swift action. The staffer was fired, and a lot of Congressional leaders were embarrassed. Statements came flying from all parties involved. The ethics committee does not make the names (of their colleagues, no less!) public until an official investigation is announced, for the obvious reason that these secret probes could unfairly damage a lawmaker’s reputation.
The leak does not appear to be politically motivated in any obvious way. The source who tipped off the reporters is not connected to the congressional investigations, according to the story, which makes this security breach all the more scary.
The incident should add a big jolt to the Committee on Oversight and Government Reform hearings under way on inadvertent file sharing over P2P networks, and it should serve as another reminder to CIOs to revisit their P2P policies. As we reported in a story in August on the P2P hearings, research shows that 73% of companies take some kind of stance on P2P, but only 18% ban it outright. Companies tend to view P2P file sharing as more of a bandwidth issue than a security risk. Think again, and check out the story for peer-to-peer file-sharing tips.