An employee at Wagner Resource Group, a McLean, Va-based investment firm used LimeWire late last year from his company computer, and in doing so, inadvertently opened the private files of his firm to the public.

This exposed the names, dates of birth and Social Security numbers of about 2,000 of the firm's clients – including a number of high-powered lawyers and Supreme Court Justice Stephen G. Breyer, the Washington Post reported.

The breach was only discovered six months later -- when a reader of a washingtonpost.com blog found the information while actually searching LimeWire. The reader notified the Post's Security Fix blog, which then alerted some of the Wagner clients, the Post said.

Phil Neray, VP at database security company Guardium, says most companies have policies in place preventing their employees from using LimeWire, "as it's hard to imagine a legitimate business use for this or other Peer-to-Peer file-sharing applications."

"But even when companies allow them to reside on networks, they need to enforce policies around the use of these applications," Neray says.

In addition, companies need to have content monitoring controls in place to enforce these policies. "Most companies on Wall Street have policies, but they're only just now getting to use the technology to enforce these policies," he says.

Phylyp Wagner, founder of the Wagner Resource Group, called his firm's breach "devastating."

"I didn't even know what peer-to-peer was. I do now," he told the Washington Post.

The bottom line, Guardium's Neray says, is that while companies can't prevent peer-to-peer file sharing applications or other technologies from entering a work environment – they need to put controls in place, including real-time monitoring, to make sure these are used in an authorized manner.