When the world gets closer.

We help you see farther.

Sign up to our expressly international daily newsletter.

Already a subscriber? Log in .

You've reached your limit of one free article.

Get unlimited access to Worldcrunch

You can cancel anytime .


Exclusive International news coverage

Ad-free experience NEW

Weekly digital Magazine NEW

9 daily & weekly Newsletters

Access to Worldcrunch archives

Free trial

30-days free access, then $2.90
per month.

Annual Access BEST VALUE

$19.90 per year, save $14.90 compared to monthly billing.save $14.90.

Subscribe to Worldcrunch

Privacy Violated, When Your Life Is Exposed And You’re The Last To Know

Family pictures, porn, German armed forces' internal data – openly accessible on the internet. One mistake is enough and your privacy is destroyed.

Johannes Boie, Catharina Felke and Simon Hurtz

MUNICH — Mr. Maier was lucky. The money's still on his bank account, nobody used his Amazon account and no one has read his emails in his web.de inbox. Maier's login data for 47 online platforms were made accessible to the public, without his consent or knowledge. Criminals could have extracted data from his private life or ruined him financially.

Maier's real last name is indeed Maier, and he is a retired resident of the state of Baden-Württemberg in southwest Germany. He doesn't want to reveal anything else about his life for this article, though we already know what matters. His son had set up a private server for him, years ago. On his network drive, Maier stored family photos, old working papers, digitalized versions of his vinyl jazz record collection — and one Word document with the encrypted login data for all of his online accounts. Among them: his bank account, Amazon, eBay, PayPal, three email accounts and an online pharmacy.

"My son is good with computers," he says. "At least that's what I'd thought." As a matter of fact, all the content of his hard disk was online and freely accessible. Anyone could have retrieved them, without even requiring a password. It's accessible via Shodan, a search engine that finds connected machines like routers, webcams and servers. That's where we found Mr. Meier's data, contacted and warned him.

It's hard to reconstruct how Maier ended up involuntarily revealing his whole digital life. His son had moved to the United States, confirming on the phone that he had set up a password together with the server, not leaving open any unnecessary ports that could have been gateways into the home network. Those are, by the way, the two most common mistakes people make, as a result, inviting strangers into their system.

Maier's router is connected to a DS212 of Synology, an older server for private use. Such network storage devices (called NAS), can be found in hundreds of thousands of German households. Many use them as backups of the hard disks of their work station, storing photos and videos, in order to be able to access them when on the move. Those who don't want to entrust their data to one of the big cloud providers like Amazon, Dropbox, Google or Microsoft can install an NAS as private and supposedly safe alternative. But apparently it isn't always that safe.

Photo: Christian Ditaputratama

We found sensitive date from dozens of people in Germany: private photos, videos labeled Sexy Blondes Scene 3, employer references, bills, an architect's blueprints and extensive income tax declarations. One man for instance had stored the login data for 32 online services like Google, Amazon, eBay and his online banking in a Word document under the obvious title "ProviderUserPassword.docx". The concerned people use machines from big providers like Synology, Onap or Zyxel. And yet, the companies cannot be held responsible, as most likely the errors were committed by the users during the setup.

We were able to retrieve the data via the so-called File Transfer Protocol (FTP). The FTP makes it possible to access hard disks via the internet, even if you're not in the same network. Companies and universities use FTPs, but private network storage devices provide it too. In theory, the transmission is supposed to be encrypted.

That's also what a certain ship captain thought. The officer from the Ministry of Defense had set up a "My-Cloud" hard drive from Western Digital in his apartment. He stored his entire life on it, both private and professional. He used the small home server as a backup for his computer: Account statements, email passwords, data from family members and the CV of his daughter were open and accessible on the Internet.

Among the working papers were scanned identity cards from the German army and a detailed agenda with meetings in the Ministry of Defense. None of these documents should have been public.

On the phone, the officer claimed he couldn't know how the data was hacked, since access to the documents was secured by a password. When he understood that he had been mistaken, he immediately hung up.

Incomprehension, defensive reflexes, calls ending abruptly — that's how many confrontations with affected persons went for our team of reporters. The majority reacted with shock and concern, vowing to take all the necessary precautions and thankful for the warning.

Mr. Maier has set up new passwords for the 47 websites listed on his the Word document, checking each account for suspicious access. "I had more luck than wisdom," he says.

From now on, a password manager will store all of his login data. "Now I don't have to remember a single password on my own," he says. "Maybe that's better anyway, at my age."

You've reached your limit of free articles.

To read the full story, start your free trial today.

Get unlimited access. Cancel anytime.

Exclusive coverage from the world's top sources, in English for the first time.

Insights from the widest range of perspectives, languages and countries.


How Parenthood Reinvented My Sex Life — Confessions Of A Swinging Mom

Between breastfeeding, playdates, postpartum fatigue, birthday fatigues and the countless other aspects of mother- and fatherhood, a Cuban couple tries to find new ways to explore something that is often lost in the middle of the parenting storm: sex.

red tinted photo of feet on a bed

Parenting v. intimacy, a delicate balance

Silvana Heredia

HAVANA — It was Summer, 2015. Nine months later, our daughter would be born. It wasn't planned, but I was sure I wouldn't end my first pregnancy. I was 22 years old, had a degree, my dream job and my own house — something unthinkable at that age in Cuba — plus a three-year relationship, and the summer heat.

I remember those months as the most fun, crazy and experimental of my pre-motherhood life. It was the time of my first kiss with a girl, and our first threesome.

Every weekend, we went to the Cuban art factory and ended up at the CornerCafé until 7:00 a.m. That September morning, we were very drunk, and in that second-floor room of my house, it was unbearably hot. The sex was otherworldly. A few days later, the symptoms began.

She arrived when and how she wished. That's how rebellious she is.

Keep reading...Show less

The latest