Mossack Fonseca, the law firm whose documents were at the centre of the Panama Papers leak of confidential information about the rich and the powerful money manipulations, says the documents were stolen.
“The only crime that has been proven is the hack,” Computer Weekly quoted founding partner Ramon Fonseca saying. “We rule out an inside job. This is not a leak. This is a hack.”
If this really is true, then this is one huge hack operation. Paul Ducklin, senior technologist at security firm Sophos, writing a blog post on the topic, puts things into perspective.
A total of 2.6 terabytes of data was stolen. That’s approximately 2.6 million printed A4 pages, which would weigh some 13 tonnes if printed.
So, this could not have been a simple smash-and-grab job. If indeed hackers managed to steal this data, they would need to first get inside, then spend some time analysing the system, and in the end slowly exfiltrate the data, all without being spotted.
“Presumably, the hackers needed to get in, find their way around, figure out what data was stored where, work out how to access it, and then find a way to collect and exfiltrate it,” he wrote.
WikiLeaks posted a screenshot on Twitter, where it was seen that Mossack Fonseca notified its clients about an “unauthorised breach” of its email server. Later on, the firm said all the usual things, including that they’re investigating the matter and tightening up on security.
I’m afraid it’s a bit too late for that, now.
Image Credit: Brian A Jackson / Shutterstock