Terrorism

Data on Europol terrorism investigations accidentally leaked online

According to a Dutch television program data on several investigations into the terrorism groups conducted by the Europol were accidentally leaked.

According to Dutch television program Zembla, data on several investigations into the terrorism groups conducted by the Europol were accidentally leaked online. According to the program, the dossier contained information about 54 different police investigations, including the names and telephone numbers of suspects.

“Information on numerous international investigations into terrorism groups compiled by Europol was accidentally left online, unguarded by any password, a Dutch television program reported on Wednesday.” reported the Reuters Agency. “Europol, which helps European Union national police organizations cooperate, could not immediately be reached for comment. The television program Zembla cited the Europol’s adjunct director Wil van Gemert as acknowledging the incident.”

The television program cited the Europol’s adjunct director Wil van Gemert as acknowledging the incident.

europol-terrorism-data-leakeuropol-terrorism-data-leak

The leak was caused by a former employee who took dossiers home, violating the rules of conduct of the Europol. The man transferred the precious information on a hard drive, but unfortunately, he was not aware that the storage was connected to the Internet and it was accessible to anyone without any restriction.

Zembla did not reveal any information contained in the dossier.

“Van Gemert was quoted saying it did not appear that the dossier had been seen by anyone other than Zembla researchers, but he could not rule it out.” continues the Reuters.

“This affects confidentiality and that is why we immediately set up an investigation to see how this could have happened,” declared Gemert.

Gemert explained that some individual included in the dossier may still be under “long-term” active investigation.

“The fact that they were ten years ago, part of an investigation, can still mean that they are part of an investigation,” he added.

Dutch Member of the European Parliament, Sophie in ‘t Veld published the following post on Twetter:

“Huge data leak. Will call for @EU_Commission and @Europol director to come and inform @Europarl_EN.”

Below the full statement from the Europol:

“Europol operates state-of-the-art databases and secure communication capabilities for processing and analysing operational and classified information. Europol adheres to the highest standards of data security, including continuous security briefings provided to staff members: State-of-the-art security is the basis for maintaining trust among all the parties that share information and intelligence with and through Europol.

“As for any law enforcement agency processing sensitive information, the design of a robust system cannot completely eliminate human error. Europol has a robust framework in place regarding security clearance measures and sanctions for breaches of security rules.

“A recent case included in a Dutch television programme concerned the breach of an ex-Europol staff member with Europol’s security regime. The concerned former staff member, who is an experienced police officer from a national authority, uploaded Europol data to a private storage device while still working at Europol, in clear contravention to Europol policy.

“A security investigation regarding this case is on-going, in coordination with the respective authorities at national level to which the staff member returned. Current information suggests that the security breach was not ill-intended.

“Although this case relates to Europol sensitive information dating from around 10 years ago, Europolimmediately informed the concerned Member States. As of today, there is no indication that an investigation has been jeopardised, due to the compromise of this historical data. Europol will continue to assess the impact of the data in question, together with concerned Member States.

“Human error is the weakest link when it comes to the intersection of staff, data, and technology. Although this risk can never fully be ruled out, Europol’s systems and the security training offered to Europol staff are constantly reviewed. Europol is serious about maintaining the trust from EU Member States and partners.”

The terrorism is a principal threat to the Western countries, for this reason, the European State members announced the creation of a new European counter-terrorism centre early this year.

The centre  aims to improve information-sharing among national law enforcement bodies involved in the investigation on terrorism activities. The creation of the centre represents an urgency after the tragic events in Paris.

The new centre is located at the Europol’s headquarters in the Hague, it is tasked to monitor any activity online conducted by extremist groups, investigating how these groups exploit the Internet for their operations.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – terrorism, Europol)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

INTERPOL announced that a joint operation code-named Operation Secure took down 20,000+ malicious IPs/domains tied…

6 hours ago

Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited

A critical remote code execution (RCE) vulnerability in Roundcube was exploited days after patch, impacting…

16 hours ago

A flaw could allow recovery of the phone number associated with any Google account

A vulnerability could allow recovery of the phone number associated with a Google account by…

20 hours ago

Texas Department of Transportation (TxDOT) data breach exposes 300,000 crash reports

Hackers breached Texas DOT (TxDOT), stealing 300,000 crash reports with personal data from its Crash…

1 day ago

SAP June 2025 Security Patch Day fixed critical NetWeaver bug

SAP fixed a critical NetWeaver flaw that let attackers bypass authorization and escalate privileges. Patch…

1 day ago

U.S. CISA adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds RoundCube Webmail and Erlang Erlang/OTP SSH server flaws…

2 days ago