In what federal prosecutors are calling the first case of its kind, a Seattle man on Thursday was arrested for allegedly using the popular Lime Wire peer-to-peer file-sharing software to get access to tax returns, credit reports, bank statements and student financial-aid applications housed on hundreds of computers across the United States.
The scheme allegedly undertaken by 35-year-old Gregory Kopiloff worked something like this, according to the U.S. Department of Justice: He'd use identity information gleaned from those documents to open credit accounts over the Internet, buy goods over the Internet, ship them to various mailboxes in the Puget Sound area and resell the merchandise for about half its retail price. Investigators said his scheme had nabbed 80 victims and racked up more than $70,000.
"Law enforcement has known for some time that criminals are exploiting peer-to-peer file sharing to secretly gain remote access to victims' computers to search for personal information," Jeffrey Sullivan, U.S. Attorney for the Western District of Washington, said in a statement.
If the charges of mail fraud and "accessing a protected computer without authorization to further fraud" hold up, Kopiloff could face up to 20 years in prison and a $250,000 fine. If convicted on an "aggravated identity theft" charge, his prison sentence would be increased by two years.
From the outside looking in, it seems likely that the alleged thefts occurred because the "victims" in question--or perhaps users who shared their computers--accidentally configured their software in a way that exposed directories containing the sensitive items.
CNET News.com readers may recall that Lime Wire's CEO caught an earful from Congress earlier this summer at a hearing in which politicians claimed peer-to-peer networks pose a threat to national security because of the possibility of such "inadvertent" file sharing. Lime Wire at the time vigorously defended itself, maintaining that its product offers its users ample warnings designed to ensure they don't select vulnerable folders for sharing with others.
But one has to wonder if the criminal allegations revealed Thursday will inflame those earlier arguments that the peer-to-peer software maker hasn't made it clear enough how to close off certain directories to outside snooping. Lime Wire, for its part, has some tips on how to make sure the software is set up to your liking.