Europol has admitted that confidential information on terror investigations was accidentally put online, as it launched a probe into what it called a “very serious incident.”
Dutch investigative TV programme Zembla, which broke the story, said around 700 pages on terror investigations – particularly analysis on terror groups – appeared online, including the names and contact details of hundreds of people with terror links.
The breach happened after “an experienced police officer” uploaded data from Europol onto a private storage device “in clear contravention of Europol policy,” Europol spokesman Gerald Hesztera said.
“A security investigation in coordination with the respective authorities at national level is ongoing,” he said. But “current information suggests that the breach was not ill-intended.”
Hesztera said the sensitive material was around 10 years old and there was “no indication” that any current investigation had been compromised.
The woman has now left Europol, which has since firmly beefed up cyber security.
A similar security breach “would not happen today,” Hesztera said.
It was unlikely the files had been seen by people who were under investigation, the possibility could not be excluded, added the spokesman.
One Europol official who declined to be named told AFP the ex-employee is still a member of the Dutch police.
“It was against security regulations, but the information is old and the impact on any current investigation seems to be zero,” said this official.
Although some information was indeed confidential, most of it was not classified and some of it even available on Europol’s website, the official said.
“We see this as a very serious incident that has consequences for confidentiality on which we place a high premium,” Interpol deputy director Wil van Gemert told the NOS public newscaster.
Member states affected by the breach were also immediately informed and “Europol will continue to assess the impact of the data in question,” Hesztera said.