The leaked documents on 1Malaysia Development Berhad’s (1MDB) 2009 business deal with PetroSaudi International Ltd were edited before they appeared on the Sarawak Report website, an international cyber security firm has said.
According to a report in pro-government English daily, the New Straits Times (NST), the firm Protection Group International (PGI) said the data was stolen from PetroSaudi and subsequently edited before it was published on the Internet.
“Our investigation is still ongoing, but it is clear that we are looking at a case of large-scale data theft, and our analysis substantiates that (Xavier Andre) Justo is the source of the data published on Sarawak Report,” an expert from PGI was quoted as saying.
“For example, when we looked into a PowerPoint file that was on one of the Sarawak Report’s blog, we found evidence in the metadata of that file that it had been handled by a certain “xavierj” in 2013; two years after Justo left PetroSaudi, and four years after the file had originally been created by a law firm that advised PetroSaudi.
“It is also clear that the stolen data sets are incomplete, and underwent an editing process after they were removed from PetroSaudi’s systems, and before they were published on the Internet.
“There are many inconsistencies between the published data and the data which still exists on files within PetroSaudi relating to that period of time. Simply put, it is incomplete data, creatively selected and edited to fit a desired narrative,” the NST quoted the PGI source as saying.
PGI was hired to investigate the source of the data published on the Internet and verify its authenticity, NST reported.
Justo, a Swiss national and former employee of PetroSaudi, was arrested at a house on Koh Samui, Thailand, on Monday with computers, hard drives and other data storage devices.
Police Colonel Akaradech Pimonsri, acting commander of Thailand’s Crime Suppression Division, said Justo was paid an equivalent of 140 million baht (RM15 million) to leave PetroSaudi after he was found to have “behaved against the company’s rules and regulations”.
The Bangkok Post said Thai police believed Justo leaked information about PetroSaudi to a “UK-based news website” which the paper identified as Sarawak Report.
Meanwhile, the expert from PGI said the leaks found on Sarawak Report were an “all too familiar case” of published data going through selective editing or forgery to “create the most damaging story possible”.
He said it was often a case of a greedy or malicious employee removing confidential data and publishing or threatening to publish it for personal gain.
“In this case, what started out as a simple story of personal gain by a former employee, became a story of politically-motivated allegations through the use of irresponsible online blogs.
“All of the investigations we have conducted thus far would lead me to say that, from both a forensic and expert perspective, the information [relating to this issue] published on the Internet should be considered unsafe and unreliable by those wishing to draw conclusions from it,” he was quoted as saying.
Citing the leaked documents, Sarawak Report had in February alleged that businessman Low Taek Jho, or Jho Low, engineered PetroSaudi’s US$2.5 billion joint venture with 1MDB in 2009 in order to siphon off US$700 million from the deal.
It also said the US$1.5 billion in assets PetroSaudi had injected into the joint venture did not actually belong to the firm.
The joint venture deal ended six months later, with 1MDB’s investment of US$1 billion converted into Mubaraha notes, which 1MDB president and group executive director Arul Kanda Kandasamy has said was paid back in full.
1MDB also refuted claims of wrongdoing, stressing that the joint venture resulted in a profit of US$488 million. – June 24, 2015.