6 July 2015
- From the section Technology
A company that sells surveillance software has been hit by a data breach.
Hackers said they had penetrated Hacking Team’s internal network and stolen more than 400GB of data.
The Italian company said it was working with police to track down the hackers.
Widely shared online, the stolen data includes a list of the countries that have bought Hacking Team’s main surveillance tool, Da Vinci, and emails suggesting intelligence agencies use it to spy on activists and journalists.
The list includes:
- Saudi Arabia
Lists of passwords and login details for client sites were also revealed.
The hackers first published stolen data, including internal files, email messages and software source code, on Hacking Team’s own Twitter account, having first changed its name to “Hacked Team”.
Confirmation of the breach came via the Twitter account of Hacking Team engineer Christian Pozzi.
“We are awake. The people responsible for this will be arrested. We are working with the police at the moment,” he said in one message.
Soon after, this and other messages about the breach were removed as Mr Pozzi’s Twitter account was deleted.
Hacking Team’s website is also currently offline.
Security expert Graham Cluley said the company had “no shortage of online enemies around the world”.
Its software had been popular with intelligence agencies in many countries, he said, but he questioned how many would continue that relationship given that it had been “so seriously breached”.
Human rights group Reporters Without Borders had named Hacking Team as one of its “enemies of the internet” because its software was being used in countries that did not have a “good record on democracy and human rights”.