Data leaks of the rich and famous: Panama Papers show no one's secrets safe

The wealthy's dirty financial laundry has been leaked from a law firm in Panama. We can expect more of the same as companies struggle to lock down their data.

Laura Hautala Former Senior Writer
Laura wrote about e-commerce and Amazon, and she occasionally covered cool science topics. Previously, she broke down cybersecurity and privacy issues for CNET readers. Laura is based in Tacoma, Washington, and was into sourdough before the pandemic.
Expertise E-commerce, Amazon, earned wage access, online marketplaces, direct to consumer, unions, labor and employment, supply chain, cybersecurity, privacy, stalkerware, hacking. Credentials
  • 2022 Eddie Award for a single article in consumer technology
Laura Hautala
2 min read

Records leaked from the Panama-based law firm Mossack Fonseca show that not even the wealthy's secrets are safe in an era of data leaks, hacks and thefts.

© Karl-Josef Hildenbrand/dpa/Corbis

Papers leaked from a Panamanian law firm are teaching us all about how elites hide their money around the world.

The documents, published over the weekend, have exposed the tax shelters of Icelandic government officials and shined a light on the financial practices of the already beleaguered soccer organization FIFA. And that's just a start.

The leaks have prompted outrage, with Icelanders filling the streets of Reykjavik to protest, and caused people to shake their heads at the fact that many of the corporate shenanigans detailed in the documents are legal.

But the documents' exposure and publication in multiple news sources shows something more: embarrassing internal documents are now a sitting target on company servers. It's unclear how the Panama Papers, as they're being called, made it out of the Mossack Fonseca law firm's grasp. But the company, known for creating offshore bank accounts for its wealthy clients, is far from alone. It joins the ranks of several others that have seen the dirt dished on their clients, customers or employees.

Cybersecurity experts say we should expect to keep seeing shocking -- shocking! -- data leaked, hacked and otherwise stolen, because the problem of keeping it safe is far from being solved. It's great for investigative journalists, but not great for the general security of all our personal information on the Internet.

Right now, it's a cakewalk to take documents from an organization, cybersecurity experts say. If an outside attacker hacks into a company's networks, often documents like the ones from Mossack Fonseca are easy to find and steal copies of, said Bill Anderson, an executive at cybersecurity company OptioLabs.

Even if a company has strong defenses of its network, employees might take data home to work on outside the office, or they might unwittingly bring a laptop to work that's infected with malicious hacker software.

Encryption, or a method for scrambling up information for anyone who doesn't have the right key, is one way that data can be protected. But that might not be enough if too many people have access to the key. After all, there's always the threat of an insider who will intentionally steal and leak documents.

"I think we need to change the fundamental design of the way each and every document is created and managed," Anderson said.