Police admit defeat over Climate Research Unit hack

Melting earth. Image from ShutterstockBritish police have admitted that there is no prospect of them identifying who was responsible for a high profile hack of data from the Climate Research Centre (CRU) at the University of East Anglia.

The security breach – dubbed “ClimateGate” – came to light in November 2009, when a 61MB file containing 1079 emails and over 3800 documents was uploaded to the internet, and claims were made that some of the confidential emails revealed how the CRU had tried to hide the truth about climate change.

Inevitably there was much speculation as to who might have been responsible for the hack.

Leaked Hadley CRU documents

Sign up to our free newsletter.
Security news, advice, and tips.

Norfolk’s police force has now announced that it is closing the investigation because there is “no realistic prospect of identifying the offender or offenders and launching criminal proceedings within the time constraints imposed by law.”

The closure of the investigation is prompted by the statutory limit of three years since the original offence in 2009 has almost expired, with little progress made in discovering the culprit.

“The international dimension of investigating the World Wide Web especially has proved extremely challenging,” said Senior Investigating Officer, Detective Superintendent Julian Gregory. “However, as a result of our enquiries, we can say that the data breach was the result of a sophisticated and carefully orchestrated attack on the CRU’s data files, carried out remotely via the internet. The offenders used methods common in unlawful internet activity to obstruct enquiries.”

DS Gregory stomped on speculation that the hack had been an inside job. “There is no evidence to suggest that anyone working at or associated with the University of East Anglia was involved in the crime,” he said.

Unless someone associated with the hack owns up to their involvement, it seems that the story of “ClimateGate” may remain a mystery.

Melting earth image, courtesy of Shutterstock.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.