An unidentified group of hackers stole 400 GB worth of confidential data from the Hacking Team, which provides effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities.
According to report published on Welivesecurity, the attack started late night on July 6. It is said that the weak passwords might be reason behind the leak.
“Passwords are also contained in the leaked documents, including the login for the company’s official Twitter account which was used by the attackers to publish confidential information. The attackers posted private emails from company employees to Twitter, as well as a link from where anybody can download the 400GB file,” the report read.
The company’s official came to know about the attack only on the next morning.
Christian Pozzi, a security engineer, on July 7 confirmed by stating that, “We are awake. The people responsible for this will be arrested. We are working with the police at the moment.”
The researchers have claimed that as the company, which develops surveillance tools, sells such tools to various organizations across the world and that might be the reason behind the hacking.
J. Prasanna, Founder of Cyber Security & Privacy Foundation, said the Hacking team has been accused of selling software to hack into people for last few years. They seem to have supplied to countries where there are dictatorship regime (where people are targeted by government).
“Maybe an activist group would have hacked into the servers of hacking team,” opined Prasanna.
“Companies can make such tools, but it should be sold responsibly to democratic regime, such activity of monitoring should be subject after a court warrant. It should never be sold to countries which does human rights violations,” he added.
He added that there was always weak element in security.
“There may have a zero day vulnerabilities which hackers could have used to exploit,” he said.
Regarding about the impact of the attack, Prasanna said that many countries or governments who dealt and bought this software would get exposed.
“Today, many governments and companies are hungry for information on people/corporations/governments. So they hire hackers or software that does hacking,” Prasanna concluded.