While the true extent of the breach is not known, the Israeli firm said the impacted server hosted a legacy database of my.Cellebrite, which included basic contact information for users registered for alerts or product notifications, as well as hashed passwords for users who had not yet been migrated to a new, updated accounts system.
After being notified of the breach, Cellebrite acknowledged in a statement that the company had experienced “unauthorized access to an external web server”, and said it is now investigating how the security breach took place and the extent of the damage.
A subsequent report from Motherboard indicated compromised data included a customer support ticket from Turkey’s national police force as well as messages from various government officials in the United Arab Emirates, Bahrain, and the Russian Federation.
The breach is the latest chapter in a growing trend of hackers taking matters into their own hands and stealing information from companies that specialize in surveillance or hacking technologies. “The company had previously migrated to a new user accounts system”, it said.
It added that it did not believe there was any significant risk to customers as a result of the incident, but customers were nevertheless advised to change their passwords.
The Israeli firm has purportedly been supplying a number of U.S. government agencies as well as authoritarian regimes, including the Russian Federation, the United Arab Emirates and Turkey.
Cellebrite is in the process of notifying affected customers.
The hack feels very similar to the 2015 breach of Hacking Team, an Italian company that provided spying tools to governments around the world.
In a similar case from a year ago, notorious hacker Phineas Fisher breached two separate surveillance services implicated in providing hacking solutions designed for spying on unsuspecting citizens to various government agencies.
While the data dump has not been released online for all to see, the cyberattacker said access to Cellebrite systems has been traded among some forums.
Referencing the reason for the leak, the hacker told Motherboard’s Joseph Cox: “To be honest, had it not been for the recent stance taken by Western governments no-one would have known but us”.
“I can’t say too much about what has been done”, the hacker told Motherboard.
One of the biggest fears of companies that say they can hack virtually anything is being found to have been hacked themselves.