LONDON (AP) — An Italian surveillance firm known for selling malicious software used by police bodies and spy agencies has succumbed to a cyberattack, the firm’s spokesman said Monday, confirming an embarrassing breach which sent documents and invoices ricocheting across the Internet.
Hacking Team spokesman Eric Rabe said in a written statement that the company was the victim of an “online attack.”
“We believe documents have been stolen from the company,” he said. “We are investigating to determine the extent of this attack and specifically what has been taken.”
Hacking Team’s headache began late Sunday, when its Twitter account was apparently hijacked and began posting screenshots of what were purported to be internal company emails and details of secret deals with various world governments.
“Since we have nothing to hide, we’re publishing all our emails, files and source code,” one of the Twitter messages said. At the same time a massive file, several hundred gigabytes in size, was leaked online.
The Associated Press couldn’t immediately verify the authenticity of the leaked material and Rabe declined to comment on the accuracy of the documents, citing confidentiality agreements.
Still, some of the billing records being shared online appeared to corroborate work by Citizen Lab, a research group at the Munk School of Global Affairs at the University of Toronto, which has linked Hacking Team to two dozen countries, including several with atrocious human rights records.
“Early reports … appear to validate our research showing use by repressive regimes like Ethiopia and Sudan,” Citizen Lab said in a statement. “These reports point to the lack of transparency and accountability around the market for intrusion software. We think that a better understanding of this market is essential for a free and secure Internet.”
The Milan-based company has been the subject of increased scrutiny after its malware was discovered targeting a series of journalists and activists.