An employee for Wagner Research Group made a mistake. A very big and potentially devastating mistake. They opened up Limewire and decided to start sharing some files and grabbing some new songs. What they didn’t know was that while they were getting the latest hits, someone was hitting the company’s private records. It wasn’t even a hacker. It was someone who realized that the Wagner employee hadn’t specified which directories were available for people to search through which meant that the entire WRG’s database was at the disposal of anyone on Liewire. Herein lies one of the dangers of using peer-to-peer programs at work.

This story would have earned a lot of attention in its own right. The data breach exposed the personal information of around 2,000 of the firm’s clients. Most of these individuals are upper tier lawyers with big wallets and powerful friends. Yet, the media isn’t really focusing on them. It is focusing on Supreme Court Justice Stephen G. Bryer, whose personal information was also taken in the breach. An expert in the field has said that with such powerful people, “the individuals on this list are at a very high risk, almost imminent, of identity theft.”

As more details come to light about the breach, the information is damning. The breach went on for more than six months, complete unnoticed by the network and infrastructure groups of Wagner Research Group. In this period of time, there is no information about how many people accessed the data or how far it was spread. With a program like Limewire at the center of this breach, there is no telling how many people were able to download the identity data. What is known right now is that at least a dozen people, some residing in Sri Lanka, a hotbed for identity theft, and Colombia, now have the information.

Tiversa, an independent consulting firm was called in to help contain the breach. They are working with WRG to go over all their security policies to make sure nothing like this happens again. In the meantime, Warner Research Group has said that it will provide six months of free credit monitoring for everyone affected. These people should have received a letter in the mail recently. Unfortunately, this is too late for some people, including one lawyer he just was charged $9,000 by AT&T for a phone account that was illegally set up with his name and social security number, but someone else’s address. In the case of many data breaches, companies have not stepped up to offer such comprehensive credit monitoring. In those case, victims have turned to Lifelock, an identity theft service, that maintains contact with all three credit bureaus to make sure that fraudulent accounts are not taken out falsely under a client’s name.

Comcast users beware! Once again a large company in the United States finds itself in trouble after having had its electronic data systems breached. The second largest provider of cable TV and internet services suffered a disruption of its services late last week. At the time of the company’s press conference with the media, the number of people affected was roughly estimated in the millions. Thankfully, it appears that the personal data of Comcast customers was not stolen.

As Roel Schouwenberg, vice-president of Kaspersky Lab, noted, “the hackers seemed more interested in fame than money.” The market for stolen information, such as personal addresses, drivers license numbers, social security numbers, and mother’s maiden names is widely known about on the Internet. In some chat rooms, identities can be purchased for as little as $12. With such prevalence, more and more individuals are investing in ID theft services, such as Lifelock.

The specifics of the Comcast case are still developing. Beginning on Wednesday evening, users who went to the Comcast homepage were redirected to a site that informed users that Comcast had been hacked. Thankfully, a site was not set up that would have allowed users to enter their personal information. Many subscribers use the Comcast homepage to access their personal and business email accounts. Insiders familiar with the case say that this could have been a much worse breach.

The hack occurred when the DNS settings for the Comcast homepage were changed by the guilty individuals. The redirected site contained the names “KRYOGENICS, Defiant and EBK.” KRYOGENICS is known for hacking other sites, most recently numerous celebrity accounts on MySpace. Although it was Comcast customers affected in the most current breach, investigators informed the media that it was a lack of security at Network Solutions. No one was available for comment at Network Solutions, although they were called multiple times.

Various reasons have been given for the hack, although no one is certain which is most accurate. The most frequently cited cause is the recent policy by Comcast to limit download speeds from such sites as Bit Torrent. These sites are frequently used to illegally download music and movies. Comcast has been in close contact with the music and film industries to help limit the amount of illegal downloading that has been occurring in recent years.

What has attracted so much attention to this case is the size of Comcast’s client network. It currently has 14.1 million customers, narrowly behind AT&T’s 14.6 million. Although this is the first time that a major company’s homepage has been hacked in a number of years, information security specialists remind consumers to be weary. No wonder more and more people are investing in ID theft services, Lifelock being one of the most popular choices. At the end of his interview, Schouwenberg stated, “there are a lot of sites compromised every hour, they just don’t get the same attention.”

Consumers, beware.