Data breached in translation

Online language translation software caused a data leak at Statoil. Use these best practices to keep translated information secure.

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.

Before September, translation didn’t matter — at least, from an infosec standpoint. Taking content written in one language and changing it to another wasn’t at the top of most CSOs’ lists of data risks. Then Norwegian news network NRK uncovered a breach at Statoil, one of the world’s biggest oil and gas companies.

NRK reports that the $46 billion business used Translate.com, a free online tool, to translate “notices of dismissal, plans of workforce reductions and outsourcing, passwords, code information, and contracts.” Then, the story continued, Lise Lyngsnes Randeberg, a college professor, Googled Statoil: In her results were the company’s translations.

“Wow! What is this?” Randeberg thought, telling NRK, “This was information from organizations, private companies, government agencies.” In other words, stuff Statoil may not have wanted Randeberg — or any Google user — to read.

The translation industry saw the breach coming. “It was something that we had been warning companies about [for] 10 years or so,” says Don DePalma, Chief Strategist at Cambridge-based think tank Common Sense Advisory.  “It's been a question that's been coming up, given the way [free online translation] works: Is that something that would expose information?”

How online translation services work

So how did it happen? This is what Translate.com had to say: "Translate.com’s free, volunteer-based machine translations were not breached. There are two versions of the Translate.com solution. The one in question, the free version, using various online translation services, also incorporated volunteer translators to review and correct translations. This 'old' volunteer segment is now closed, and all translations involving volunteers have been removed. The online machine translations, which are still available for free, will no longer be saved."

To continue reading this article register now

SUBSCRIBE! Get the best of CSO delivered to your email inbox.