Leak at WikiLeaks Accidental Release of US Cables Endangers Sources
A WikiLeaks file containing the original leaked US State Department cables has inadvertently been released onto the Internet. The documents have not been edited to protect sources, meaning that the lives of informants could be at risk.
The ongoing conflict between WikiLeaks founder Julian Assange and his former German spokesman Daniel Domscheit-Berg has led to the accidental release of confidential data that was in WikiLeaks' possession. Since the beginning of the year, an encrypted file has been circulating on the Internet containing the collection of around 251,000 US State Department documents that WikiLeaks obtained in spring 2010 and made public in November 2010.
The release of the file could potentially endanger the informants mentioned in the documents, many of whom live in countries whose governments are hostile to the US. The confidential diplomatic cables were redacted before publication to protect sources, but the file on the Internet contains the original, unedited documents.
In the summer of 2010, Assange stored the password-protected file containing the cables in a concealed location on a WikiLeaks server. He gave the password to an external contact to allow him access to the material contained in the file.
When Domscheit-Berg left the organization in September 2010 together with a German programmer, the two men took the contents of the server with them, including the encrypted file containing the documents. As a result, Assange no longer had access to the file.
At the end of 2010, Domscheit-Berg finally returned to WikiLeaks a collection of various files that he had taken with him, including the encrypted cables. Shortly afterwards, WikiLeaks supporters released a copy of this data collection onto the Internet as a kind of public archive of the documents that WikiLeaks had previously published. The supporters clearly did not realize, however, that the data contained the original cables, as the file was not only encrypted but concealed in a hidden subdirectory.
Then, in the spring of 2011, Assange's external contact made public the password that he had received from Assange without realizing that this would allow access to the unredacted US cables. The slip-up remained undetected for several months. Members of OpenLeaks, the rival whistleblower organization recently set up by Domscheit-Berg, have now drawn attention to the lapse. They say it proves Domscheit-Berg's allegation, which he has been making for months, that data held by WikiLeaks is "not secure."
A number of media organizations, including SPIEGEL, first reported on the contents of the leaked cables in November 2010. All the publications made sure to redact the documents to obscure the name of informants in particularly sensitive positions to protect them from retaliation. A number of the files were entirely withheld from publication to avoid endangering sources.
Correction: An earlier version of this article incorrectly stated that Assange gave the password to an associate of his. In reality, it was an external contact. We have corrected the article accordingly.
© SPIEGEL ONLINE 2011
All Rights Reserved
Reproduction only allowed with the permission of SPIEGELnet GmbH