Japanese P2P leak cop fired
A Japanese policeman has been fired after he was held responsible for accidentally leaking confidential information via peer-to-peer (P2P) file sharing software installed on his work PC.
The ex-copper, who has not been named, lost his job with the Tokyo Police Department over the leak of personal details of 12,000 people obtained during the course of criminal investigations. The hapless plod apparently installed the Winny file-sharing software onto his PC, blissfully unaware that confidential data was being made available to other users via the P2P network.
About 6,600 police documents are said to have been compromised, including interrogation reports, statements from victims of crime, and classified locations of automatic licence plate readers. Among the files was a list of the names, addresses, and personal information of 400 alleged members of the notorious Yamaguchi-gumi yakuza gang.
The Tokyo Police Department have a policy against running P2P software on PCs. The officer falsely claimed not to be running Winny in an internal audit prior to the leak.
The officer's superiors are being held partially responsible for the incident, with up to 10 facing possible disciplinary proceedings.
"It's no surprise that the Japanese police force has taken a hard line against this officer for disobeying advice about not running P2P file sharing software on his PC - the authorities have been trying to enforce a ban following a number of similar embarrassing incidents in the past," notes Graham Cluley, senior technology consultant for Sophos.
The Winny file sharing network is the most popular P2P network in Japan, boasting an estimated 250,000 users. The technology has become a focus of concern for authorities after investigation records from a Kyoto Prefecture Police officer's computer and military files from Japan's Self-Defence Force as well as police files from the Tokyo Police were made available across the Winny P2P network. In May 2006, a virus was blamed for leaking power plant secrets onto Winny. ®
probably wasn't running
Right the interal audit probably did
check and he installed it after. This
is pretty lame security however and
I really don't get why he would be
able to install any software on his
work PC another situation where
dumb == institution.
"The officer falsely claimed not to be running Winny in an internal audit prior to the leak."
What kind of internal audit are they running there? He "claimed" not to running the software! Surely they should have actually checked, rather than just ask. Sounds a nice and easy audit to me, gather everyone into a room, "Right, raise your hand if you're running anything you shouldn't be on your work computer"... "no one, fantastic, that's the audit for this year done"
RE:This is a joke, right?
I am with you, I think an IT bod should be ready to fall on his/her sword as well.