Live Science Plus
You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Delivered Daily
Daily Newsletter
Sign up for the latest discoveries, groundbreaking research and fascinating breakthroughs that impact you and the wider world direct to your inbox.
Once a week
Life's Little Mysteries
Feed your curiosity with an exclusive mystery every week, solved with science and delivered direct to your inbox before it's seen anywhere else.
Once a week
How It Works
Sign up to our free science & technology newsletter for your weekly fix of fascinating articles, quick quizzes, amazing images, and more
Delivered daily
Space.com Newsletter
Breaking space news, the latest updates on rocket launches, skywatching events and more!
Once a month
Watch This Space
Sign up to our monthly entertainment newsletter to keep up with all our coverage of the latest sci-fi and space movies, tv shows, games and books.
Once a week
Night Sky This Week
Discover this week's must-see night sky events, moon phases, and stunning astrophotos. Sign up for our skywatching newsletter and explore the universe with us!
Join the club
Get full access to premium articles, exclusive features and a growing list of member rewards.
Thousands of Americans may unwittingly be sharing personal medical and financial information stored on their home computers when they use file-sharing software, according to a new study.
"The issue has been bubbling for a couple of years," said lead author Khaled El Eman, a senior scientist at the University of Ottawa's Electronic Health Information Laboratory.
"In the past we knew there was a problem. We just didn't know how big it was. We also wanted to see if anyone was actively searching for this information."
El Eman and his colleagues found evidence of outsiders actively searching for files containing private health and financial information on peer-to-peer (P2P) file-sharing networks such as Gnutella, eDonkey and BitTorrent. P2P networks let users connect with the computers of other users on the network and search for and download files.
"Very simple search terms such as 'medical records' or 'credit card' were quite effective in returning sensitive documents," El Eman told TechNewsDaily. Retrieving this information, he added, does not require world-class computer hacking skills.
"It's a total no-brainer," he said.
Thousands at risk
The study, published in a recent issue of the Journal of the American Medical Informatics Association, found that the absolute number of files returned containing sensitive health and financial information was relatively low — less than 1 percent of U.S. files contained personal health information and slightly less than 5 percent contained financial data.
Given the popularity of P2P file sharing, though, this translates into tens of thousands of computers at risk, El Eman said.
"There are around 250 known P2P file-sharing programs," he said. "And they vary in their badness. Some of them are known to automatically share everything on your machine without informing you what it's sharing. Some of them are better behaved."
P2P probing to discover personal information is a relatively recent wrinkle in file-sharing activity, El Eman said. In the past users primarily accessed and shared music, videos and pornography.
Safeguards
Whether you are a private individual or a healthcare worker taking patient records home, the only guaranteed way to keep your data safe is to avoid keeping it on a computer that does not have a file-sharing program installed.
For home users, that's not always easy. Teenagers are particularly fond of file sharing, El Eman said, and will frequently install programs without telling anyone.
If you're using a shared computer, he recommends, create different accounts for different users. That way, only one user's data will be at risk at any one time.
