The biggest data breach in history happened when Mossack Fonseca papers fell into the hands of German journalists. The leaked a 2.6 terabyte archive that included 11.5 million documents — it’s three times larger than the scandalous Cablegate dump, initiated by WikiLeaks in 2010.
It’s not the first time that Mossack Fonseca clients’ data has made headlines:several years ago an anonymous source sold a portion of their database to German authorities. It contained information on several hundreds of offshore companies. The Panama Papers incident is a lot bigger: it uncovered the details of 240,000 companies, moored at the tax haven.
It’s a lot of data. It had been under investigation for the whole year and there are sure to be more discoveries as time goes on. The data was secretly analyzed by journalists across the globe and outside of that group no one was aware of the investigation. Let’s dig deeper into the way the whole process was organized.
How reporters pulled off the Panama Papers, the biggest leak in whistleblower history https://t.co/OZDCfgzLeN
— WIRED (@WIRED) April 4, 2016
The Panama Papers story began at the the end of 2014 when an anonymous whistle-blower reached Bastian Obermayer, a journalist from German newspaper Süddeutsche Zeitung. The informer offered to reveal data, which could subject criminals to face of truth.
The journalistic source provided the documents and asked nothing in exchange aside from full anonymity. This person wasn’t ready to repeat the life path of Edward Snowden, who had to leave his home and abandon hope to see his friends and relatives. Fearing for his life, the informer insisted on using secure online communications and refused to see the journalist in person.
9 mobile and Internet messaging services offering strong #security and #privacy controls https://t.co/30xBpa0kSb pic.twitter.com/GWm1XtGFs3
— Kaspersky Lab (@kaspersky) November 15, 2014
Obermayer agreed. So they maintained contact via encrypted communication channels and regularly changed them. The journalist refused to reveal which apps and technologies were used and how exactly the huge data archive — more than 2 Tb — was transferred. As Wired writes, he says only: “I learned a lot about making the safe transfer of big files.”
This investigation taught Obermayer to be super vigilant. When all communications were over, the journalist destroyed his phone and laptop hard drive, as these devices were used to keep contact. “This may have seemed a little overachieving,” he noted to the Wired, “But better safe than sorry.”
Minutes after #PanamaPapers story broke there was a Wikipedia article. Six hours later there 286 edits & 10 sources. https://t.co/WrDM4lU1l6
— Wikipedia (@Wikipedia) April 5, 2016
When Süddeutsche Zeitung finished the primary investigation of the first portion of documents, the newspaper reached out to the International Consortium of Investigative Journalists (ICIJ). This team had specific experience in the analysis of huge data leaks, so ICIJ experts had taken up coordination of investigation activities.
There was a separate folder for each offshore company that included email letters, PDFs, copies of documents and contacts, apart from other papers. To enable text search some files had been converted from images to text with the help of a character recognition system.
How big data and a bit of paranoia made #PanamaPapers live
ICIJ created their own search system that enabled access, communication and joint work for all engaged parties. Dozens of largest newspapers in the world took part in the investigation: about 400 journalists from 80 countries in total hammered away the Panama Papers
ICIJ is not going to grant access to Panama Papers for all interested parties. Gerard Ryle, the head of the organization, thinks that this step can bring harm to law abiding clients of Mossack Fonseca.