The secret US embassy cables were dumped as obscure in an internet-enabled information sharing tool which played a critical role in their leak by WikiLeaks, the investigators have found.
Much before the startling disclosure by the whistle-blower website, the 250,000 classified diplomatic messages resided in the database called Net-Centric Diplomacy, which was set up for rapid sharing of information among the security agencies and bureaucrats to uncover threats against the US.
According to the Washington Post, investigators have understood only recently the critical role played by Net-Centric Diplomacy, a computer initiative that became the conduit for the heist of sensitive US government documents.
Partly because of its design but also because of confusion among its users, the database became an inadvertent repository for a vast array of State Department cables, including records of the US government's most sensitive discussions with foreign leaders and diplomats.
The system lacked features to detect the unauthorised downloading by Pentagon employees and others of massive amounts of data, according to State Department officials and information-security experts.
"This was as bad as it gets," said Patrick F Kennedy, undersecretary of state for management, referring to the diplomatic fallout.
"We had, over the course of many years, built up a huge amount of faith and trust. That's ruptured now, all over the world."
Officials and security analysts describe the leak as a cautionary tale, one that underscores flaws in security for secret government data while also exposing a downside to the US government's enthusiastic embrace of information-sharing in the months after the Sep 11, 2001, terrorist attacks.
"It was consistent with the concept of needing to share information after September 11th," said State Department spokesman P J Crowley.
"We were asked to do it, and the Pentagon paid for it."
Net-Centric Diplomacy was launched in 2006 and tied into a giant Defense Department system known as the Secret internet Protocol Router Network, or SIPRnet. Soon, nearly half a million government employees and contractors with security clearances could tap into the diplomatic cables from computer terminals around the globe.
"The State Department's commitment shows the way for other agencies," the then director of National Intelligence John D Negroponte wrote in a Jan 29, 2007, letter to then Secretary of State Condoleezza Rice.
Sensitive cables were often dumped willy-nilly into the database regardless of whether they belonged there, according to two department officials familiar with the internal procedures for data storage.
Thousands of cables and other documents pass through Foggy Bottom daily, and to ensure that they are routed properly, each is assigned a code or codes, similar to a Zip code. One such six-letter code - SIPDIS - flags a computer to route the document to the Net-Centric database, allowing it to be viewed by intelligence officers and military personnel worldwide.
In practice, embassy employees added the code word SIPDIS by rote, often without fully understanding what it meant, said one of the department officials.
"It wasn't clear what was to be shared or not shared," the official said. "So you end up with a cable in the database that contains embarrassing stuff about (German Prime Minister Angela) Merkel. Is that the kind of stuff that a war fighter really needs to see?"
The department was not equipped to assign individual passwords or perform independent scrutiny over the hundreds of thousands of users authorised by the Pentagon to use the database, said Kennedy.
"It is the responsibility of the receiving agency to ensure that the information is handled, stored and processed in accordance with US government procedures," he said and acknowledged that the department had no means of overseeing practices by other agencies using its data.
The US investigators suspect that Bradley Manning, an army private stationed in the Persian Gulf, downloaded the State Department cables from a computer terminal in Kuwait. He then allegedly provided the files to WikiLeaks.
In the wake of the leak, State Department officials cut off outside access to Net-Centric Diplomacy pending a review. Some secret documents are still being made available to other agencies through a different network designed to handle highly classified data, Kennedy said.