Julian Assange, editor-in-chief of WikiLeaksCredit: Lewis Whyld/PA
Whistleblowers' group WikiLeaks has blamed the Guardian for a security breach which led to the full archive of 251,000 secret US embassy cables being published online without sensitive information, such as the names of sources, being removed.
In an editorial on its website, WikiLeaks claims that Guardian investigations editor David Leigh "negligently" disclosed the passwords to the encrypted cache in a book published earlier this year.
The book, by Leigh and fellow Guardian journalist Luke Harding and called WikiLeaks: Inside Julian Assange's War on Secrecy, was published in February this year. It tells the story of the newspaper's strained relationship with the whistleblowers' group.
The group also claims to have begun pre-litigation action against the Guardian and an individual in Germany, who it says is "distributing the Guardian passwords for individual gain". It alleges that in publishing the password, the newspaper broke a confidentiality agreement signed by WikiLeaks and Alan Rusbridger, editor-in-chief of the Guardian, in July 2010.
Access to the complete trove of cables was provided to the newspaper last year for a period of a few hours so that it could download the documents. According to the Guardian, the server was then taken offline and all files removed, as previously agreed with WikiLeaks.
But the file was later published, reportedly by a WikiLeaks supporter, on BitTorrent, a filesharing network mostly used for downloading films and music. It is accessible using the same password published later in the Guardian book.
The availability of the file through BitTorrent was not publicised by WikiLeaks in any way, nor linked to on their website. According to the Guardian, the newspaper had no knowledge when the book was published that the file was still available online, encrypted with the same password.
A Guardian spokesperson said it was "nonsense to suggest the Guardian's WikiLeaks book has compromised security in any way".
"Our book about WikiLeaks was published last February. It contained a password, but no details of the location of the files, and we were told it was a temporary password which would expire and be deleted in a matter of hours.
"It was a meaningless piece of information to anyone except the person(s) who created the database.
"No concerns were expressed when the book was published and if anyone at WikiLeaks had thought this compromised security they have had seven months to remove the files. That they didn't do so clearly shows the problem was not caused by the Guardian's book."
WikiLeaks has been publishing the cables since November last year, when they were first made public, making use of media and charity organisations to help it redact sensitive information such as the names and locations of informants.
In response to discovering the security breach two weeks ago, the group took what it called "emergency action" and dramatically increased the level of publication of the cables via its partners, "to get as much of the material as possible into the hands of journalists and human rights lawyers who need it", it said.
According to its statement, WikiLeaks also contacted the US State Department over the breach, and editor-in-chief Julian Assange spoke to State Department legal adviser Cliff Johnson for 75 minutes.
WikiLeaks is now conducting a vote on Twitter as to whether is should release the full cache of unredacted cables on its own website. Followers have been asked to use the hashtags #WLVoteYes and #WLVoteNo to cast their votes online.
The group claims that the responses from its Twitter followers have been more than 100 to one in favour of release.
Free daily newsletter
- DCMS-backed media literacy programme is supporting vulnerable internet users
- Freelance journalist Nicola Kelly on reporting on the UK Home Office
- Tip: Lessons from the Guardian's membership model
- How should the media cover COP26 and climate change long-term?
- How memberships and subscription models drive business growth