A company that sells surveillance software
has been hit by a data breach.
Hackers said they had penetrated Hacking
Team's internal network and stolen more than
400GB of data.
The Italian company said it was working with
police to track down the hackers.
Widely shared online, the stolen data includes
a list of the countries that have bought
Hacking Team's main surveillance tool, Da
Vinci, and emails suggesting intelligence
agencies use it to spy on activists and
journalists.
The list includes:
-
Azerbaijan
- Chile
- Egypt
- Kazakhstan
- Russia
- Saudi Arabia
- Spain
- Sudan
Lists of passwords and login details for client
sites were also revealed.
The hackers first published stolen data,
including internal files, email messages and
software source code, on Hacking Team's own
Twitter account, having first changed its name
to "Hacked Team".
Confirmation of the breach came via the
Twitter account of Hacking Team engineer
Christian Pozzi.
"We are awake. The people responsible for this
will be arrested. We are working with the
police at the moment," he said in one
message.
Soon after, this and other messages about the
breach were removed as Mr Pozzi's Twitter
account was deleted.
Hacking Team's website is also currently
offline.
Security expert Graham Cluley said the
company had "no shortage of online enemies
around the world".
Its software had been popular with intelligence
agencies in many countries, he said, but he
questioned how many would continue that
relationship given that it had been "so
seriously breached".
Human rights group Reporters Without
Borders had named Hacking Team as one of its
"enemies of the internet" because its software
was being used in countries that did not have
a "good record on democracy and human
rights".