Apparently, WikiLeaks might not be as secure as was thought. News is circulating that an unredacted version of diplomatic cables from the U.S. State department is available online. These unredacted documents could possibly compromise the identities of assets and agents in countries such as Israel, Jordan, Iran and Afghanistan.
The WikiLeaks leak was first reported last Friday by Der Freitag editor Steffen Kraft who claimed that he found a 1.73 GB file named “cables.csv” containing the raw and confidential cables; he also claimed that the password for the encrypted file was easy to find.
Another German paper, Der Spiegal, confirmed the existence of the unredacted cables on Monday. According to Der Spiegal, these cables have been floating around online, unnoticed, since the beginning of this year.
WikiLeaks initially obtained these 250,000 classified documents in spring of 2010, and Assange subsequently concealed them in a password-protected file in a hidden subdirectory of the organization’s server– handing off the password to an “external contact”. In November, many news organizations such as the New York Times, the Guardian and the Mirror were given access to the information for reporting as long as they protected the identities in the cables.
The two pieces eventually found their way online. Assange’s German spokesman Daniel Domscheit-Berg led a revolt in 2010 to form WikiLeaks competitor OpenLeaks, taking the organization’s server with him. Once Domscheit-Berg found his way back to WikiLeaks, the organization released the archive of the data he took and inadvertantly the encrypted cables file as well. It’s unknown how the password found its way into the wild, but Wired claims that it was neither OpenLeaks nor WikiLeaks’ doing.
WikiLeaks’ official Twitter account is tweeting in response to this issue saying, “WikiLeaks ‘insurance’ files have not been decrypted. All press are currently misreporting. There is an issue, but not that issue.”