Japanese P2P leak cop fired

Tokyo drift

By John Leyden, 20th July 2007

Customer Success Testimonial: Recovery is Everything

A Japanese policeman has been fired after he was held responsible for accidentally leaking confidential information via peer-to-peer (P2P) file sharing software installed on his work PC.

The ex-copper, who has not been named, lost his job with the Tokyo Police Department over the leak of personal details of 12,000 people obtained during the course of criminal investigations. The hapless plod apparently installed the Winny file-sharing software onto his PC, blissfully unaware that confidential data was being made available to other users via the P2P network.

About 6,600 police documents are said to have been compromised, including interrogation reports, statements from victims of crime, and classified locations of automatic licence plate readers. Among the files was a list of the names, addresses, and personal information of 400 alleged members of the notorious Yamaguchi-gumi yakuza gang.

The Tokyo Police Department have a policy against running P2P software on PCs. The officer falsely claimed not to be running Winny in an internal audit prior to the leak.

The officer's superiors are being held partially responsible for the incident, with up to 10 facing possible disciplinary proceedings.

"It's no surprise that the Japanese police force has taken a hard line against this officer for disobeying advice about not running P2P file sharing software on his PC - the authorities have been trying to enforce a ban following a number of similar embarrassing incidents in the past," notes Graham Cluley, senior technology consultant for Sophos.

The Winny file sharing network is the most popular P2P network in Japan, boasting an estimated 250,000 users. The technology has become a focus of concern for authorities after investigation records from a Kyoto Prefecture Police officer's computer and military files from Japan's Self-Defence Force as well as police files from the Tokyo Police were made available across the Winny P2P network. In May 2006, a virus was blamed for leaking power plant secrets onto Winny. ®

Ensure Ease of Recovery with Asigra’s Agentless Software

COMMENTS

House Rules Send Corrections

All Reader Comments (7)

Latest Comments

Posted Saturday 21st July 2007 23:13 GMT

Alan Donaly

probably wasn't running

Right the interal audit probably did

check and he installed it after. This

is pretty lame security however and

I really don't get why he would be

able to install any software on his

work PC another situation where

dumb == institution.

Posted Saturday 21st July 2007 09:14 GMT

Keith Langmead

Internal audit?

"The officer falsely claimed not to be running Winny in an internal audit prior to the leak."

What kind of internal audit are they running there? He "claimed" not to running the software! Surely they should have actually checked, rather than just ask. Sounds a nice and easy audit to me, gather everyone into a room, "Right, raise your hand if you're running anything you shouldn't be on your work computer"... "no one, fantastic, that's the audit for this year done"

Posted Friday 20th July 2007 23:52 GMT

Andy