On July 5th, it appeared that Hacking Team’s Twitter feed was taken over. The banner on the page had been changed to “Hacked Team.” Several posts contained screenshots that are purportedly of the stolen data, which included emails sent by Hacking Team’s founder and CEO, Vincent Vincenzetti.
Hacking Team develops surveillance tools that it has maintained and are legally sold to governments for law-abiding investigations. But critics contend the company’s software has been used to spy on dissidents, human rights activists and journalists.
Hacking Team officials could not be immediately reached for comment.
According to Christopher Soghoian, Principal Technologist for the Speech, Privacy and Technology Project of the American Civil Liberties Union, the data stolen amounts to around some 400GB.
Soghoian, who has frequently criticized Hacking Team, wrote in another Twitter post that the data “dump includes an .xls spreadsheet listing every government client, when they first bought HT and revenue to date.”
That kind of data, if accurate, could immensely be damaging to Hacking Team, which has sought to defend its operations amid a variety of accusations from critics over who buys its software and how it’s used.
Hacking Team has been under consistent fire from organisations such as the University of Toronto’s Citizen Lab. One of Hacking Team’s main products is the Remote Control System, which is a suite of tools that enables secret remote access of a computer.
In a February 2014 study, Citizen Lab said RCS appears to have been used by 21 countries such as Azerbaijan, Colombia, Egypt, Ethiopia, Hungary, Italy, Kazakhstan, Korea, Malaysia, Mexico, Morocco, Nigeria, Oman, Panama, Poland, Saudi Arabia, Sudan, Thailand, Turkey, UAE and Uzbekistan.
Some of those countries, Citizen Lab noted, have questionable human rights records, and it’s believed that some governments may have used RCS to monitor the activities of civil rights activists.