Sensitive info leaks through programs used to share music, other files

By Christopher S. Rugaber - AP

WASHINGTON - A diagram of a Pentagon computer network that includes passwords to defense contractors' systems is one of hundreds of classified documents accidentally available online, a House panel was told Tuesday.

This and other sensitive information, including personal financial data, is mistakenly leaked through popular file-sharing programs such as LimeWire, KaZaA and Morpheus that individual, corporate and government users use to share music, movie and other entertainment files, several experts said at a hearing by the House Oversight and Government Reform Committee.

"The American people would be totally outraged if they were aware of what is inadvertently shared ... by government agencies," said retired Gen. Wesley Clark, who is on the advisory board of Tiversa Inc., a data security company. Clark did not name the defense contractors whose computing passwords were compromised.

Rep. Henry Waxman, D-Calif., chairman of the committee, said the hearing was intended to scrutinize the threats file-sharing, or peer-to-peer, technology poses to privacy and security, not to ban it. Waxman and Rep. Tom Davis, R-Va., senior Republican on the committee, said they had examined similar concerns four years ago. Both members introduced a bill in 2003 that would have required government agencies to clamp down on file-sharing, but the legislation wasn't approved.

Robert Boback, Tiversa's chief executive, said that over 300 million searches are conducted through peer-to-peer networks daily, compared to 130 million through Google. While most sensitive information is shared accidentally, users in both the United States and abroad are aware of what is available and actively search for data such as credit card numbers, bank statements, and account passwords.