Europol Terror Data Found On Unsecured Network Drive

The Dutch TV programme Zembla has revealed how it discovered sensitive Europol terror data on the Internet.

It seems the data was stored on an networked Iomega hard drive connected to the Internet. To make matters worse, the device was not password protected.

Europol is the European Union’s law enforcement agency, and it admitted the mistake, but said the data was nearly ten years old. Despite that, it confirmed it has launched an investigation into the matter.

Data Breach

According to Zembla, it had found more than 700 pages of confidential dossiers, including details of terrorism probes, on a hard drive linked to the Internet.

“Although this case relates to Europol sensitive information dating from around 10 years ago, Europol immediately informed the concerned member states,” a spokesman for the law agency told the BBC.

“As of today, there is no indication that an investigation has been jeopardised, due to the compromise of this historical data,” the spokesman said. “Europol will continue to assess the impact of the data in question, together with concerned member states.”

It is understood the data included the names and telephone numbers of hundreds of people associated with terrorism.

The data is from 2006 to 2008 and includes investigations into the Madrid train bombings, the Hofstad Network – a Dutch-based Islamist terror network – and foiled attacks on several flights.

A reporter for Zembla told the BBC that its investigators had found the documents via a service that specialises in finding internet-connected kit.

“We found the disk online through a search engine called Shodan,” said Vincent Verweij. “We were able to remotely access the disk through the internet. It didn’t require a password.”

Europol reportedly admitted that a police officer had copied the data to a personal drive in “clear contravention” of its rules, but said that she has since left the agency and now works for the Dutch police.

Encryption Fight

Ironically Europol is well known to issue security advice to others, and last year its chief called the increasing prevalence of encrypted Internet communications a major difficulty for law-enforcement and national security efforts.

But it is also heavily engaged in the fight against crime.

A couple of months ago Europol warned of an emerging threat from Android-based smartphones because criminal gangs are able to carry out fraudulent mobile payments on the mobile operating system.

And last year Europol and a number of security firms successfully took down the ‘polymorphic’ Beebone botnet, which infected thousands of computers across the world.

Quiz. Are you a security guru?

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago