Home › News › Industry News
Fortune 100 sites leaking sensitive data
The study conducted for Bitform, a software component developer of tools for content inspection and security, analyzed 8,038 files for more than two dozen specific types of metadata and hidden information which have the potential to expose proprietary or confidential information, breach corporate policies and open security holes.
It warned there are "thousands of instances" of information exposure that was likely not intended to be made public. One such instance was a white paper from a computer manufacturer containing comments intended for internal review only, which acknowledged scalability limitations of a partner product.
The researchers behind this study have suggested that this problem is more severe for smaller companies that don't have the resources or processes to review the information that is made available to the public.
Related Stories
User Comments (32)
Post a comment|
smtkr
on December 19, 2005 9:55 PM |
I have not done a study of my own, but I think Intel does this the right way, with an intranet portal that is separate from the public intel.com. It doesn't really matter though, as most people carry sensitive data in and out of Intel. Once employees' laptops are outside the network, all of that sensitive data is vulnerable. I know plenty of employees who have spyware infesting their company computers. |
|
zephead
on December 20, 2005 1:21 AM |
somehow i'm not surprised this is being discovered...as i understand it this has been going on for years. it just goes to show you how the internet has affected the security of so-called 'private' information. |
|
Bartzy
on December 20, 2005 3:01 AM |
Couple of months ago, there was a show on Television about that. They showed how vulnerable big firms really are, and it is quite shocking. Internal information is accessible easily, and sometimes bad things occur. Companies just don't take this things too seriously (until something really bad is happening). Take Valve for example. Half-life 2 codes were leaked outside of the companies computers, and the game was delayed for months because of that. |
|
mofoed
on December 20, 2005 9:15 AM |
Agreed, most companies don't go through the process of data security enough to prevent things like this from happeneing, until of course something does happen. |
|
vigilante
on December 20, 2005 10:21 AM |
Seems like an easy problem, just keep the personal data non-web-accessible. But apparently that must be very difficult.This is why I will probably never trust any online company to keep my personal data "safe". And why I don't embrace this so called "live" software where your data AND programs run entirely off the Internet, requiring NO locally installed programs or data store. It just scares me. |
|
PanicX
on December 20, 2005 2:30 PM |
These problems are compounded even more by user unwareness and deceptive software practices. The fact that Microsoft Office products hide metadata in their files is a horrible security nightmare. I can't blame a user on my network for sending out an Excel spreadsheet in email or hosting a powerpoint slideshow on a website. They don't knowingly put sensitive information in these documents. The problem stems from the software writing sensitive information into the files metadata without notifying the user. [url=http://www.addbalance.com/usersguide/metadata.htm]Here you can find a good article about keeping your office documents clean[/url] |
|
dbuske
on December 21, 2005 3:33 AM |
I am beginning to think that it is impossible to make a secure website of application.This analogy fits perfectly: They put money in fortress like vaults to keep the honest people honest. A professional has ways to get in no matter what steps are taken to stop them.I really think to keep credit card #'s and account #'s on-line is very dangerous. I don't think they can keep the data safe. |
|
mentaljedi
on December 21, 2005 12:24 PM |
I don't care about the big companies. They're too big headed so if they don't realise whats going on, tough luck! As for us, i wouldn't care so much if my email was leaked (got lots of spam anyway) but credit cards? DON'T GO THERE!!! |
|
osram
on December 23, 2005 6:16 AM |
Errr. Well i do care about User Privacy. If companies dont care about securing the privacy of their customers its only confirming global situation: poor people get stuck in the nets of law.. and the rich ones can do what they want.things are getting worse and worse.. it is a very critical time. And if such issues are put on a light shoulder and are taken easy we can just see where "spying on normal people" will lead to. control. manipulation etc.george orwell's 1984, i dont want to be a panic emo kid, but just dont go for the soap lieing on the shower-floor.. as he will raise from the dead and give all the ignorants some good from behind. o.X |
|
barfarf
on December 23, 2005 10:23 AM |
This is so true i was using a website copier program to download an entire conmpanies website. I only wanted to look at the css source code to understand how they did a certain design feature on their main webpage. Well the next thing i know i have all these powerpoint and excel files. I just deleted them but i bet there was no-no info in the meta data. |
|
PUTALE
on December 24, 2005 5:21 PM |
with nowaday our information is being stored in a lot of places, it's always a big risk that someone/ somewhere, some companies will "accidentally" leaking the info. I think it just to show that the insecurity of the computer software. |
|
OmniWraith
on December 24, 2005 9:12 PM |
Hey. Great News! Instead of selling one's personal info. like passwords, usernames etc. to certian companies, let's just make it readily available to anyone that visits the website! So much for trustworthyness umong online businesses. |
|
subin_tc
on December 26, 2005 11:36 AM |
This is so true i was using a website copier program to download an entire conmpanies website. I only wanted to look at the css source code to understand how they did a certain design feature on their main webpage. Well the next thing i know i have all these powerpoint and excel files. I just deleted them but i bet there was no-no info in the meta data. |
|
anas_t
on January 3, 2006 12:15 AM |
People sell this for money .. I bet a lot of spam masseges came from them actually because they sell our e-mail addresses to companies |
|
zachig
on January 4, 2006 4:09 AM |
I'm 100% sure that our email addresses are being sold on the internet. It's a known fact.I'm also not surprised to see than Word/Excel/Powerpoint files from a lot of companies can be found in the Internet. This is part of the well-known 'Industrial-Spying' that's going on in the recent years.And this problem is just getting bigger and bigger :-( |
|
Eko
on January 4, 2006 8:05 AM |
A despicable character, Heinrich Himmler, once said: Two man can keep a secret, if one of them is dead. Unfortunately, with the evolution of the computers, we are now spied easily, since the communications have such a large growth lately. What, you really thought you have something private on the Internet ?! Laughable. Just remember how many times you've heard about credit card thieves, fraudes and so on. Best way to protect: Stay off the Net with the private info 
|
|
Reformado
on January 5, 2006 7:37 AM |
A friend of mine said once:Amazing the ability of MEN of dreaming.But really amanzing itīs his ability to make those dreams come true! |
|
Mark Steele
on January 7, 2006 6:12 PM |
Over the last couple of weeks I have experienced a large increase of Spy/ Malware & Trojan activity... its been a daily battle to keep on top.These were detected with Norton Antivirus Corporate edition and Spybot.... I had a hard time getting rid of "IBM000001.exe" or the remains of it any way... finally I used XoftSpy...Spybot did resolve this issue, even though it was up to date. XoftSpy also found a dozen other nasties hiding in there.... I there for recommend this to any one experiencing this type of problem. |
|
Cy6erpuke
on January 13, 2006 8:30 PM |
Not a big surprise! Everyone is going webcentric. In order to access everything from everywhere, the challenge will always be security and confidentiality. Yet another example of a great idea, without careful planning, making someone look like an *****. |
|
jimoer
on January 14, 2006 1:05 PM |
For sensitive data security they need to develope a barcode system for laptops when the person leaving the security of the sensitive company they work for slip the laptop through a scanner encripting, disabling all delicate matters. |
|
wolfgrw
on January 17, 2006 12:02 PM |
A californian nanotech based company, Calmec, [url]http://www.calmec.com/company.htm,[/url] has built a small device that can contain up to 2000GB!!  It has only a cubic inch of size!! The Future is small, very very small!!
|
|
loon69
on January 17, 2006 5:41 PM |
just joined hope to enjoy the experience |
|
rwmassey
on January 23, 2006 9:40 PM |
I be trying to win the new vid. Card, wish me luck ok. |
|
wkozey
on January 26, 2006 7:17 AM |
Would it not be easier with less worries if sensitve data was kept someplace safe like not on a computer that has internet access and only the persons authorised to view such data had access to it. |
|
minis_z
on January 26, 2006 9:56 AM |
techspot.com Love itcool.. im want 7800GT!! hope i can win this videocard <3!! |
Most Popular
| Trending | Featured |
-
iOS 5.1.1 untethered jailbreak tool released, supports 4S, iPad 3
-
After five days, Facebook ranks as worst IPO flop of the decade
-
Rumor: Windows 8 RC will launch June 1, will ship with Adobe Flash
-
Rumor: AMD "Piledriver" FX CPU production to begin Q3 2012
-
Diablo III becomes the fastest-selling PC game in history
Editors' Case Picks
Subscribe to TechSpot
Get free exclusive content, learn about new features and tech breaking news.
