Leak to Us

The International Consortium of Investigative Journalists encourages whistleblowers everywhere to securely submit all forms of content that might be of public concern - documents, photos, video clips as well as story tips.

We accept all information that relates to potential wrongdoing by corporate, government or public service entities in any country, anywhere in the world. We do our utmost to guarantee the confidentiality of our sources.

Our motives are squarely aimed at uncovering important government and corporate activities that might otherwise go unreported, from corruption involving public officials to systemic failure to protect the rights of individuals. Journalists from the relevant countries will evaluate and pursue all leads and content submitted and, if merited, report on these issues.

ICIJ’s SecureDrop server

ICIJ’s SecureDrop server has moved. Please see the instructions below for the new onion URL. For verification, please see messages on ICIJ’s Twitter and Facebook accounts, and on ICIJ’s website at icij.org/leak

Contacting ICIJ through our encrypted SecureDrop server is a way to share documents and messages with ICIJ that allows you to protect your identity, even from us.

There are a number of precautions you can and should take to protect yourself before using our SecureDrop system. For example, you should not use it directly after viewing this page. Instead, you should write down the instructions and onion URL below, then move to a different network to the ones you usually use (a public wifi network with no password is best) to begin the process. The below instructions represent the minimum requirements in order to access our SecureDrop service:

  1. Download and install the Tor browser (or, for additional protection, use the Tails operating system, which includes Tor by default)
  2. Navigate to the following onion URL: http://lzpczap7l3zxu7zv.onion
  3. Follow the instructions to connect and communicate with us. You will be provided with a secret, unique code name that you should memorize or store securely in order to access our replies.

ICIJ takes source protection very seriously. When you use our SecureDrop service, we will not collect any identifying information from you (like your IP address, location, or browser details), nor will we deliver persistent cookies to your browser or embed any third-party services on our SecureDrop pages. All information you provide will be stored encrypted, and will only be decrypted on an air-gapped machine that never connects to any networks.

Despite these security measures, no online system is perfect, and use of the service is at your own risk.

ICIJ also uses PGP encryption: our public key can be found on the MIT Public Key Server (fingerprint: 986A 572D 3B95 BD42 331E 839A B532 F18C 2A17 696B); our email address is contact@icij.org.

There are a number of basic safety measures you can take to protect yourself when providing sensitive or confidential information. For instance, details of phone calls made from a large building are often recorded on the building's electronic systems; details of mobile phone calls are routinely collected by providers and government authorities; and details of network access and internet use can be recorded and stored at a number of junctions along the way. It is safer to use a public phone when contacting a reporter, just as it is safer to use an internet cafe when sending files.

Ultimately, we feel that no electronic form of communication is entirely secure - sometimes the safest ways are the old-fashioned ways. You can post printed documents, or electronic files on a portable storage device (a thumb drive, hard drive, memory card, DVD, CD, etc.) directly to ICIJ at the below address.

Submit to:

1710 Rhode Island Ave NW,
11th floor,
Washington DC 20036, USA

Tel: +1.202-808-3310
Email: contact@icij.org

Other ways you can leak to ICIJ