Today has not been a good day for the Italian surveillance company Hacking Team. Late Sunday night, private documents from the company were apparently leaked online.
And now, according to an anonymous source speaking to Motherboard, the company is in the midst of a crisis.
The hack resulted in over 400GB of data being leaked to the open web. But that may not have been the full extent of the damage
Motherboard reports that the hackers may have gotten all of the company’s data — which could amount to more than a terabyte of confidential files. Worse, the company may not even have access to its email system.
In response, Hacking Team is reportedly in “emergency mode,” says Motherboard’s source; It has contacted all of its customers and is telling them to stop using its software.
For years, Hacking Team has been accused of working with countries known for human rights abuses. Human rights watchdog Reporters Without Borders has listed it as an “enemy of the internet.”
Hacking Team, however, has claimed it never sells its software “to countries that international organisations including the European Union, NATO and the US have blacklisted.”
But the newly leaked documents suggest that it has done business with Azerbaijan, Ethiopia, Kazakhstan, Morocco, Russia, Sudan, and the United Arab Emirates.
Basic security ineptitude may have caused the breach. Included in the leaked documents was a list of company passwords, many of which were reused and disturbingly easy to crack (including variants of the word “password”).
Motherboard’s source told the website that none of the files in the data dump were encrypted, and the company entrusted its most confidential data with new employees who may have followed reckless practices.
Nothing, however, has been confirmed as the company has been silent. An employee named Christian Pozzi sent out a series of defensive tweets following initial reports, but they were since deleted. In it, Pozzi said Hacking Team was working with the police.
Beyond that, the company has yet to make a formal comment, and had not responded to inquiries from Business Insider as of press time.
But if these reports turn out to be true, it may have bigger issues to deal with beyond the press: Angry government clients.