Nearly a week after government officials seized hundreds of Tor hidden services, the Tor Project is still unsure as to how the takedown was accomplished.

Tor is an open source privacy network that encrypts messages through multiple network nodes. It’s supposed to keep users’ identities and locations discreet, but that has been called into question after Operation Onymous, a successful Europol effort that apparently infiltrated Tor and led to the arrests of 17 people operating vice-related sites on the network.

See also: You Can Now Access Facebook On Tor

In a Sunday blog post, Tor volunteers noted they were “as surprised as most” to hear about the seizures and were continuing to assess the damage after Europol seized hundreds of URLs hosted on about 27 websites, including the black market site Silk Road 2.0:

Tor is most interested in understanding how these services were located, and if this indicates a security weakness in Tor hidden services that could be exploited by criminals or secret police repressing dissents. We are also interested in learning why the authorities seized Tor relays even though their operation was targeting hidden services.

The major question the Tor Project has is whether the seizure indicates a weakness in the sites that were operating on Tor, or a weakness within Tor itself. The volunteers wonder if the webmasters who had their sites taken down were using “adequate operational security,” given that some of the Europol tactics were pretty generic.

Another possibility is that the takedown exploited a vulnerability the Tor Project isn’t even aware of yet.

“Over the past few years, researchers have discovered various attacks on the Tor network,” the post continues. “We’ve implemented some defenses against these attacks, but these defenses do not solve all known issues and there may even be attacks unknown to us.”

For many people—from those who want to practice free speech in countries that would limit it, to criminals who want to organize over the Internet—Tor is the most convenient option. However, it’s likely not as secure as anyone previously thought.

Photo by Brendan Gates