Money-shuttling firm lost 2.6 TB of data and didn’t even notice
The staggering, Wikileaks-beating “Panama Papers” data exfiltration has been attributed to the breach of an e-mail server last year.
The leak of documents from Panama-based, internationally-franchised firm Mossack Fonseca appears to confirm what has long been suspected but rarely proven: well-heeled politicians, businesses, investors, and criminals use haven-registered businesses to hide their wealth from the public and from taxmen.
Bloomberg says co-founder Ramon Fonseca told Panama’s Channel 2 the leaked documents are authentic and were “obtained illegally by hackers”.
According to The Spanish, the whistleblower (here in Spanish) accessed the vast trove of documents by breaching Mossack Fonseca’s e-mail server, with the company sending a message to clients saying it’s investigating how the breach happened, and explaining that it’s taking “all necessary steps to prevent it happening again”.
The company added that it’s engaged security consultants to close the horse-long-gone stable door.
I love it! Law firm involved in a highly secretive operation cannot even do the basic steps to secure their servers. Of course I am not surprised, IT (ICT) security has been deemed more of an annoyance than a top priority at so many businesses. “Why me worry?” is the word of the day. Probably had an ISP el cheapo “firewall” device.