Europol, the European Union’s law enforcement agency, has admitted over 700 pages of confidential police files on 54 European terrorist cases were left unencrypted and available for view online – probably down to human error.
Confidential files were apparently taken home by a staff member and put on a personal Iomega storage device that was later connected to the Internet without a password – potentially allowing anyone to download the files.
The files, believed to span 2006-2008, are understood to contain hundreds of names and telephone numbers of people associated with terrorism, along with Europol analyses of terrorist groups.
They are reported to have discussed the Madrid bombings, foiled attacks on planes with liquid explosives, as well as terrorist investigations that have never been made public.
If you liked this content…
The leak was made public by Dutch documentary programme ‘Zembla,’ and broken in the English speaking world by well known security and privacy commentator Glyn Moody in a piece this week on science and culture site Ars Technica.
The latter quotes a Europol statement to it on the breach: “The concerned former staff member, an experienced police officer from a national authority, uploaded Europol data to a private storage device while still working at Europol, in clear contravention to Europol policy.
“A security investigation regarding this case is on-going, in coordination with the respective authorities at national level to which the staff member returned. Current information suggests that the security breach was not ill-intended.”
“Europol operates state-of-the-art databases and secure communication capabilities for processing and analysing operational and classified information,” Europol told the site, adding: “Human error is the weakest link when it comes to the intersection of staff, data, and technology.”