With input from Forbes and NPR.
What was supposed to be a carefully redacted release of sensitive government records has turned into another messy chapter in the Epstein saga.
After the Department of Justice dropped more than 11,000 documents tied to Jeffrey Epstein on December 22, some of the blacked-out material didn’t stay hidden for long. Within hours, users online showed that parts of the redactions could be undone — not with elite hacking tools, but with a technique that’s been known for years.
Political commentator Brian Krassenstein was among the first to point it out publicly, posting side-by-side screenshots on X showing redacted PDFs next to versions where the hidden text suddenly reappeared.
The method was almost embarrassingly simple: highlight the blacked-out area, copy it, and paste it into another document.
That worked because some of the DOJ’s redactions weren’t permanent removals. Instead, they appear to have been visual overlays — black boxes placed over text rather than the underlying text being deleted. PDFs can contain multiple layers, and if the sensitive text is still sitting underneath, copying it can expose everything.
Security experts weren’t shocked. They’ve been warning about this exact problem for decades.
In fact, the National Security Agency published guidance back in 2005 explaining how improper PDF redaction can fail — complete with step-by-step instructions. A Department of Homeland Security memo in 2010 also reminded agencies to follow that guidance strictly.
Which raises the obvious question: how did this still happen in 2025?
This wasn’t some zero-day exploit or nation-state cyberattack. It was a basic document-handling mistake — one that carries real consequences when the files involve victims, witnesses, and politically sensitive material.
From a national security and public-trust standpoint, that’s troubling. The DOJ has worked with the FBI on complex cyber operations in the past. Missing something this basic has fueled criticism that the rollout was rushed, sloppy, or both.
As word spread that redactions could be undone, unofficial archives of “unredacted Epstein files” began circulating online. That’s where things get riskier.
Security researchers have already found malware hidden inside some Epstein-related documents shared outside official channels. In other words: downloading random ZIP files or PDFs from social media posts isn’t just a privacy risk — it’s a cybersecurity one.
Bottom line: if you’re looking at Epstein records, stick to official DOJ sources. The chaos around this release is exactly the kind of situation cybercriminals exploit.
Adobe — whose software many agencies use — says proper redaction requires sanitizing the document, not just covering text. That means:
- Removing all hidden layers and metadata;
- Permanently deleting redacted text;
- Saving the sanitized file so nothing can be recovered later.
Failing to do that leaves documents vulnerable to exactly what happened here.
As if the redaction mess weren’t enough, the Justice Department now says it has discovered more than one million additional Epstein-related documents, blowing past a congressionally mandated deadline to release records.
Lawmakers from both parties are demanding an inspector general review, accusing the DOJ of illegal redactions and missed deadlines. Senate leaders say victims deserve transparency — not staggered releases and surprise document dumps.
The DOJ insists its lawyers are working around the clock to review the material, remove victim identifiers, and comply with the law. But confidence in the process has clearly taken a hit.
- Some Epstein file redactions failed because text wasn’t actually removed;
- The method used to reveal them was simple and well-known;
- Unofficial “unredacted” files may contain malware — be careful;
- Congress is escalating pressure on the DOJ over delays and redactions.
Instead of putting long-standing questions to rest, this release has added another layer of controversy — and reminded everyone that transparency only works if the basics are done right.
The latest news in your social feeds
Subscribe to our social media platforms to stay tuned