Hacking Team Hit By Data Breach

Hacking Team, a controversial Milan-based maker of surveillance tools sold primarily to governments, acknowledged on Monday that it has been hacked, with a cache of internal documents published, along with passwords used by customers and its own staff.

The company has been criticised for making tools that help governments to spy on their citizens, via both desktop and mobile platforms, for instance earning a position on the “Enemies of the Internet” list compiled by Reporters Without Borders, which highlighted it as one of five companies that “sell products that are liable to be used by governments to violate human rights and freedom of information”.

Spying tools

Aside from the data breach, Hacking Team’s Twitter account was also taken over by attackers and defaced, but had been restored as of Monday afternoon. No one has yet claimed responsibility for the incident.

“The people responsible for this will be arrested,” said Hacking Team senior system and security engineer Christian Pozzi via Twitter. “We are working with the police at the moment.” He said the company was in the process of notifying its customers of the hack.

Pozzi’s Twitter account was subsequently hacked and as of Monday afternoon had been deleted.

The attack is likely to have been carried out by one of Hacking Team’s numerous opponents, according to security analyst Graham Cluley.

“No one has yet claimed responsibility for the hack, but… this Milan-based company has no shortage of online enemies around the world,” he said in an advisory.

Hacking Team is currently the subject of an investigation by the United Nations, accusing it of violating an arms embargo to the Sudan, something the company has denied.

However, amongst the documents published online are an invoice for €480,000 (£341,000) sent by Hacking Team to the Sudanese government for a 50 percent payment on a tool called Remote Control System. The American Civil Liberties Union (ACLU) said the leaked document showed Hacking Team had been “stonewalling” the UN investigation.

Hacking Team’s Remote Control System (RCS) spyware was used against the Moroccan media, a United Arab Emirates human rights activist and Ethiopian journalists in the Washington, DC area, according to CitizenLab. Morocco, the UAE and Ethiopia are among the states listed as clients in the leaked documents.

‘Lies’

The company’s US clients include the FBI, the Drug Enforcement Agency and the Department of Defence, according to the leaked documents.

Pozzi said the attackers were “spreading a lot of lies about our company”. Pozzi himself was targeted by the attackers, who leaked the passwords stored in his web browser.

The leak included a 400GB dump of data linked to via several file-sharing services, as well as documents posted on various text-sharing sites. The leaked items include internal emails, source code and other internal files, according to security researchers.

“Since we have nothing to hide, we’re publishing all our e-mails, files and source code,” said a message on Hacking Team’s Twitter feed posted by the attackers.

Are you a security pro? Try our quiz!