According to an account by Guardian journalist David Leigh, WikiLeaks founder Julian Assange gave the unredacted cables to the Guardian in the summer of 2010 by temporarily placing an encrypted file on an obscure website. Leigh received a password that unlocked this file. A few months later, WikiLeaks publicly posted a huge archive of previously released material to ensure continued access to it after Assange's legal troubles and attacks on its website.
At that time, only a few thousand of the more than 250,000 cables had been published, and only in redacted form to protect U.S. diplomatic sources.
Although the 250,000 cables were not in the archive, it included a mysterious encrypted file called "z.gpg" - which appears to have been created months before WikiLeaks gave the cables to the media.
In February 2011, Leigh's book WikiLeaks: Inside Julian Assange's War on Secrecy was published. In it he described how Assange passed the cables to the Guardian, along with the password he was given. There matters sat until Aug. 25, when the website of the German newspaper Der Freitag connected the old password with the "z.gpg" file, although it did not name the file or print the password.
But others clearly knew. By Wednesday, a few Twitter users were hinting that the password in Leigh's book worked. Within hours, public links to the full, unencrypted cables appeared. By Thursday, the cables were easily available from several file-sharing sites.
WikiLeaks blamed Leigh for publishing the password and former WikiLeaks staffer Daniel Domscheit-Berg for revealing the password's connection to the old file. Domscheit-Berg told CNN he discovered the connection "by chance" and alerted Die Freitag. Leigh dismissed the allegations as "time-wasting nonsense."
"What we published much later in our book was obsolete and harmless," Leigh said. "We did not disclose the URL [web address] where the file was located, and in any event, Assange had told us it would no longer exist."
Leigh says he wasn't given the same file as the one now circulating. The file obtained by unlocking "z.gpg" is slightly different than an archive of the cables obtained earlier this year by the AP. But both files used the same password.