Wikileaks' Cache of Alleged CIA Files Includes Unredacted Names

Although Wikileaks has redacted portions of the cache, and explained why, some names can be found in the dump.
March 9, 2017, 6:30pm

This week, journalists, technologists, and just those who are curious have been digging through a cache of alleged CIA files published by Wikileaks. In its announcement, Wikileaks said it had redacted CIA targets and machines used to launch attacks, and the names of users in the dump are also blacked out.

But Motherboard has encountered several unredacted names in the cache, including in documents related to alleged CIA exploits. Motherboard has been unable to confirm whether these names identify CIA officials under their real identities, correspond to cover names, or belong to other individuals. Nevertheless, the news highlights a potential misstep by Wikileaks, and shows the difficulty in properly redacting large caches of files.


On one page describing part of the work by the CIA's Engineering Development Group (EDG), several users have been redacted, replaced instead with numerical identities. The owner of the document has also been redacted, but at the bottom of the file, one full name of a user is visible.

In another page related to the EDG, several users are redacted, but a second full name is visible. Finally, the text of one document includes an unredacted name indicating who last modified the file.

Motherboard is not printing the names in case they do refer to, or can be used to identify, active or former CIA officials.

Wikileaks did not respond to multiple requests for comment, asking whether publication of one of the names was intentional or not.

A Kaspersky analysis of the dump obtained by CyberScoop says researchers were also able to partially reconstruct two malware tools using files published by Wikileaks.

The documents have highlighted some of the CIA's alleged hacking capabilities, including using Samsung smart TVs to spy on unsuspecting targets, and their string of iOS exploits for remotely taking over iPhones. The cache, dubbed "Year Zero" by Wikileaks, comprises 8,761 documents and files, according to the transparency organization's announcement.

In a statement distributed yesterday, the CIA did not comment on the authenticity of the documents, but said "The American public should be deeply troubled by any Wikileaks disclosure designed to damage the Intelligence Community's ability to protect America against terrorists and other adversaries."

On Wednesday, CNN reported that a federal criminal probe was being opened into who leaked the alleged CIA documents, and Reuters reported, citing US officials, that CIA contractors were likely behind the breach.

Wikileaks has faced recent criticism for publishing identifying and personal information in data dumps. An August 2016 investigation by the Associated Press found Wikileaks had published medical files belonging to ordinary citizens, as well as financial records.