Hackers spill offshore law firm's tax secrets

Tax avoidance secrets of world leaders and their associates revealed in Panama law firm security breach

World leaders and their associates, senior FIFA operatives and other high-ranking officials have been revealed as users of opaque, tax-minimising offshore company structures following a major security breach at a Panamanian law firm, Mossack Fonseca.

World leaders linked to the documents spilled in the security breach include Russian president Vladimir Putin, China's president Xi Jinping, Icelandic prime minister Sigmundur David Gunnlaugsson and UK prime minister David Cameron, via an investment firm set up by his father.

The Panama Papers amount to 2.6TB of data and include more than 11.5 million emails, spreadsheets, client records, copies of passports and other financial and personal data.

They were leaked to German newspaper Suddeutsche Zeitung and the documents shared out globally via the International Consortium of Investigative Journalists. A total of 370 journalists from 78 countries have been examining the data - no Wikileaks-style data dump is planned, however.

There is no obvious sign of any breach on the home page of Mossack Fonseca, but we have approached the firm and asked for a statement on the reported leak.

A report in the Guardian - which uses its own corporate structures in the Cayman Islands to avoid tax - said that six members of the House of Lords, three former Conservative MPs and dozens of donors to UK political parties are represented.

At least one leaked internal document reveals that Mossack Fonseca was aware that their clients were primarily interested in minimising their tax bills. "Ninety-five per cent of our work coincidentally consists in selling vehicles to avoid taxes," said one memo.

The papers were leaked to Suddeutsche Zeitung last year, but it has taken this long for journalists worldwide to get a handle on all of the documents and emails.

To hear more about security challenges, the threats they pose and how to combat them, sign up for Computing's Enterprise Security and Risk Management conference, taking place on 24 November.