Italian-based company “Hacking Team,” a notorious security firm accused of selling surveillance tech to corrupt governments, had a large trove of internal data leaked online late Sunday evening.
The hacker believed to be responsible, who goes by the Twitter handle Phineas Fisher, commandeered the company’s Twitter account before posting a link to a torrent file containing more than 400GB of data.
Changing the account’s name to “Hacked Team,” the hacker proceeded to mock the company’s poor security standards while posting screenshots of the obtained data.
Our network security staff hard at work while 5 MB/s is transferred out of our internal network through his computer. pic.twitter.com/Duzs3Y0tTL
— Hacked Team (@hackingteam) July 6, 2015
One such email sent by Hacking Team CEO David Vincenzetti ironically mentions the infamous hack of “wannabe competitor” FinFisher, which lost 40G worth of internal data in 2014. Incredibly, Phineas Fisher also took credit for the FinFisher hack that year after posting the data to Reddit and Twitter.
“FinFisher, a wannabe competitor of ours, has been severely hacked,” Vincenzetti wrote at the time.
The data dump also revealed Hacking Team’s current battle with the United Nations, which recently began investigating the company for its dealings with Sudan.
“By the looks of it, Hacking Team has been stonewalling a 1-year UN investigation of the sale of their tech to Sudan,” noted Christopher Soghoian, Principal Technologist and Senior Policy Analyst with the ACLU.
Despite Hacking Team repeatedly denying the existence of business relationships with third-world regimes in the past, exposure of the documents has clearly proven otherwise.
An invoice from the data showed a €480,000 charge sent by Hacking Team to the Sudanese government for a down payment on the Remote Control System surveillance tool.
According to the torrent file listing, Hacking Team holds contracts with a multitude of despotic nations such as Saudi Arabia and Kazakhstan.
Just from Torrent File listing, Hacking Team’s customers includes South Korea, Kazakhstan, Saudi Arabia, Oman, Lebanon, and Mongolia. — Christopher Soghoian (@csoghoian) July 6, 2015
Another leaked invoice also revealed a $1,000,000 Birr (ETB) contract with Ethiopia, a country accused of surveilling journalists with Hacking Team technology just last year.
Lorenzo Franceschi-Bicchierai, an investigative journalist specializing in information security, stated that the hacker may have taken every single file on Hacking Team’s server.
Source tells me that based on filenames and folders, the hackers who hit Hacking Team “got everything.” http://t.co/UUIhoqFAPH
— Lorenzo Franceschi B (@lorenzoFB) July 6, 2015
Hacking Team employees, seemingly unable to take back the company’s Twitter account, eventually responded to the breach after some time, telling Twitter users not to download the documents due to an alleged virus.
A lot of what the attackers are claiming regarding our company is not true. Please stop spreading false lies about the services we offer.
— Christian Pozzi (@christian_pozzi) July 6, 2015
Shortly after, the employee, who poorly chose to store his passwords in plaintext, had his Twitter account hacked as well.
Given the amount of information released, Hacking Team will undoubtedly be reeling from the leak for weeks to come as more secrets appear online.