WIRED.com reports that data was hijacked through a security vulnerability in the traffic-routing system.
In 2008, two security researchers at the DefCon hacker conference demonstrated a massive security vulnerability in the worldwide internet traffic-routing system — a vulnerability so severe that it could allow intelligence agencies, corporate spies or criminals to intercept massive amounts of data, or even tamper with it on the fly.
Earlier this year, researchers say, someone mysteriously hijacked internet traffic headed to government agencies, corporate offices and other recipients in the U.S. and elsewhere and redirected it to Belarus and Iceland, before sending it on its way to its legitimate destinations. They did so repeatedly over several months. But luckily someone did notice.
And this may not be the first time it has occurred — just the first time it got caught.
How big of an issue is this? Whoever siphoned the data is able to read unencrypted data including email, spreadsheets, credit card numbers and other sensitive information.