WikiLeaks Springs a Leak: Full Database of Diplomatic Cables Appears Online

For the second time in a year, WikiLeaks has lost control of its full, unredacted cache of a quarter-million U.S. State Department cables — and this time the leaked files are apparently online. The uncensored cables are contained in a 1.73-GB password-protected file named “cables.csv,” which is reportedly circulating somewhere on the internet, according to […]

For the second time in a year, WikiLeaks has lost control of its full, unredacted cache of a quarter-million U.S. State Department cables – and this time the leaked files are apparently online.

The uncensored cables are contained in a 1.73-GB password-protected file named "cables.csv," which is reportedly circulating somewhere on the internet, according to Steffen Kraft, editor of the German paper Der Freitag. Kraft announced last week that his paper had found the file, and easily obtained the password to unlock it.

Unlike the cables that WikiLeaks has been publishing piecemeal since last fall, these cables are raw and unredacted, and contain the names of informants and suspected intelligence agents that were blacked out of the official releases. Der Freitag said the documents include the names of suspected agents in Israel, Jordan, Iran and Afghanistan, and noted that interested parties – such as the Iranian government or intelligence agencies – could have already discovered and decrypted the file to uncover the names of informants.

"The story is that a series of lapses, as far as I can see on behalf of WikiLeaks and its affiliates, has led to the possibility a file becoming generally available which it never should have been available," confirmed former WikiLeaks staffer Herbert Snorrason, of Iceland, who left the organization as part of a staff revolt last year, and is now part of the competing site OpenLeaks.

Information about the exposed file and password was also confirmed by the German newsweekly Der Spiegel. According to that publication, the cables were contained in an encrypted file that WikiLeaks founder Julian Assange had stored on a subdirectory of the organization's server last year, which wasn't searchable from the internet by anyone who didn't already know its location.

Assange had reportedly given the password for the file to an "external contact" to access the file's contents. With both the file and the password now online, the leak is complete.

"The issue is double: On one hand there is the availability of the encrypted file, and on the other the release of the password to the encrypted file," Snorrason told Threat Level on Monday. "And those two publications happened separately.”

The password leak was done "completely inadvertently," Snorrason added. He declined to identify the leaker, or the circumstances of the leak, but said it was someone who was with neither WikiLeaks nor OpenLeaks.

Last year, former WikiLeaks spokesman Daniel Domscheit-Berg and another WikiLeaks staffer led a staff revolt at WikiLeaks following a rift with Assange. They finally left the organization and set up OpenLeaks.org. When they left WikiLeaks, they took the contents of the WikiLeaks server with them, which included the encrypted file. Last December, Domscheit-Berg returned most of what he had taken, including the file containing the cables.

Wikileaks supporters subsequently released an archive of the data that Domscheit-Berg had returned, as a public service to provide readers with access to everything WikiLeaks had previously published. But among the documents was the encrypted file containing the cables. Several months later, the person to whom Assange had provided the password somehow made it public online. Der Spiegel doesn't elaborate on precisely why or how that person published the password, and Snorrason declined to say more, for fear of guiding people to the password.

"It's not very obvious how the password was made available, and we're not keen on making it any more obvious how or why it might have been published," Snorrason said.

Both the encrypted file and password went unnoticed until recently. Der Spiegel implies that Domscheit-Berg or someone else connected to his rival OpenLeaks organization was responsible for calling Der Freitag's attention to the file and password to make a point that WikiLeaks is unable to properly secure the data it possesses. Domscheit-Berg did not immediately respond to an e-mail query from Threat Level on Monday.

After nine months of slow, steady publication, WikiLeaks abruptly opened the spigot last week on its cable publications, spewing out over 130,000 by Monday afternoon – more than half the total database.

This is not the first time that WikiLeaks has lost control of its database of cables. Last year, as the organization and its media partners were beginning preparations to publish stories related to the cables, a WikiLeaks member gave the database to a freelance reporter, Heather Brooke.

Brooke was not a member of the approved cabal of media outlets that had been given access to the documents and her possession of them threatened to derail the plans that WikiLeaks and its media partners had hammered out for publication. The Guardian newspaper in the U.K. subsequently secured agreement from Brooke that she wouldn't herself publish any of the cables or stories related to them.

WikiLeaks responded to the leak on Twitter on Monday by writing: "There has been no 'leak at WikiLeaks'. The issue relates to a mainstream media partner and a malicious individual."