Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Tokyo police officer fired after data leak.

Sophos : 20 July, 2007  (Technical Article)
Leaked confidential information over a peer to peer network about a police investigation cost Tokyo police officer his job.
IT security and control firm Sophos is reminding companies of the importance of enforcing stringent IT security policies after it was revealed that a Japanese policeman has lost his job for accidentally leaking confidential information via peer-to-peer (P2P) file-sharing software.

According to reports, the fired policeman, who has not been named, worked for the Metropolitan Police Department in Tokyo, which confirmed recently that personal information regarding 12,000 people related to criminal investigations had been distributed across the net from the officer's PC. The police officer had apparently installed the Winny file-sharing software on his PC, and did not know that confidential data was being made available to other users via the P2P network.

About 6,600 police documents are said to have been compromised, including interrogation reports, statements from victims of crime, and classified locations of automatic licence plate readers. Among the files was a list of the names, addresses and personal information concerning 400 members of the notorious criminal Yamaguchi-gumi yakuza gang. Officials note that the officer had claimed, in an internal survey prior to the leak, that he was not using the Winny P2P software on his PC.

'It's no surprise that the Japanese police force has taken a hard line against this officer for disobeying advice about not running P2P file-sharing software on his PC - the authorities have been trying to enforce a ban following a number of similar embarrassing incidents in the past,' said Graham Cluley, senior technology consultant for Sophos. 'But what this case really does underline is the need for all businesses to better control their users' behaviour, and limit the programs they can run on their computers. Firms need to ask themselves if their employees have a legitimate requirement to run applications like P2P software, and if not, control their usage through technology.'

The authorities are reported to be holding the officer's superiors partially responsible for the incident, and may reprimand up to ten other people.

Sophos notes that this was not the first occasion that information has leaked via peer-to-peer file-sharing networks. In May 2006, Sophos reported that a virus had leaked power plant secrets via Winny for the second time in four months. The previous month, a Japanese anti-virus company admitted that internal documents and customer information had been leaked after one of its employees failed to install anti-virus software, while earlier in 2006, Sophos described how information about Japanese sex victims was leaked by a virus after a police investigator's computer had been infected.

A survey conducted last year by Sophos reflects the serious concern that uncontrolled applications are causing system administrators. For example, 86.5 percent of respondents said they want the opportunity to block P2P applications, with 79 percent indicating that blocking is essential.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo