Reality Winner pleads guilty after being unmasked by microdots

Government contractor leaked top secret documents about Russian hacking.

Reality Winner pleads guilty

Reality Winner, the US government contractor who leaked top secret documents to a news website, has pleaded guilty to charges of unlawful retention and dissemination of national defence information.

26-year-old Winner faces more than five years in prison after sharing information with The Intercept about Russian hackers attempting to influence the 2016 US Presidential election.

As we’ve previously discussed, it appears that Winner was unmasked after The Intercept sent a scan of the leaked documents to the NSA.

Sign up to our free newsletter.
Security news, advice, and tips.

Unfortunately for the former government contractor, the NSA logs its print jobs and – as with most modern printers – nearly invisible microdots are included on printed documents to make it easier for law enforcement to trace their origin.

Dots
Source: Errata Security

Ironically, as The Register reports, just last week German researchers published their findings in how these tracking dots on print outs can be obfuscated.

Before Winner will be sentenced at a later date, pending reports requested by Judge Randall Hall. Reality Winner told the judge that she takes medication for depression, and suffers from an eating disorder.

For more discussion on this case, check out the “Smashing Security” podcast we issued at the time of Reality Winner’s arrest:

Smashing Security #024: 'Reality Winner, Gordon Ramsay and a leaky bucket'

Listen on Apple Podcasts | Spotify | Pocket Casts | Other... | RSS
More episodes...


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky, Mastodon, and Threads, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.