Hacking Team, a controversial Italy-based company that develops and sells surveillance technology to governments worldwide, has been breached. The attackers have leaked hundreds of gigabytes of sensitive information allegedly obtained from the company’s systems.
Hacking Team offers lawful interception tools, which the company calls “offensive technology,” to law enforcement and intelligence agencies from all over the world. Officially, the spyware maker does not sell its products to countries that abuse human rights.
However, the company has been accused on several occasions by organizations like Citizen Lab of providing surveillance solutions to countries that don’t have a good record on democracy and human rights, including Sudan, Morocco, Ethiopia, and the United Arab Emirates. The emails and documents leaked now by an unknown group of hackers show that Hacking Team appears to be well aware that its solutions are used by oppressive regimes.
The breach came to light early on Monday when someone hijacked Hacking Team’s Twitter account and started publishing screenshots apparently representing emails sent and received by the company’s employees. The screenshots show emails regarding DNS issues suffered by Hacking Team in March 2014 due to its service provider, commentary on reports from Citizen Lab and other researchers, and communications related to human rights investigations.
One screenshot allegedly shows the screen of a member of Hacking Team’s network security staff whose computer was used to exfiltrate sensitive data from the company.
The attackers also published a torrent file containing 400GB of emails, files and source code allegedly taken from Hacking Team.
Some of the leaked emails show that the United Nations has been investigating the reported sale of Hacking Team’s surveillance tools to Sudan. The company denied any involvement with Sudan, but leaked emails seem to show otherwise.
Christopher Soghoian, principal technologist at the American Civil Liberties Union (ACLU), analyzed some of the leaked files and identified a document that apparently shows every one of Hacking Team’s customers and the revenue they have generated. The document reveals that Ethiopia paid $1 million for surveillance software, while the government of Chile signed the largest contract to date, worth $2.85 million.
Hacking Team could not be reached for comment. The company’s Twitter account still appears to be controlled by the attackers at the time of publishing.
Hacking Team’s Christian Pozzi said on Twitter that the breach has been reported to law enforcement authorities and that the people responsible for the attack will be arrested. Pozzi also warned users that the torrent file leaked by the hackers contains a virus.
“A lot of what the attackers are claiming regarding our company is not true. Please stop spreading false lies about the services we offer,” Pozzi said. “We haven’t broken any laws. We simply provide custom software solutions tailored to our customers needs,” he added.
The Hacking Team representative says they are in the process of notifying all customers about the breach.
Pozzi’s Twitter account was also hijacked minutes before this article was published.

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
- Barracuda Urges Customers to Replace Hacked Email Security Appliances
- Google Patches Third Chrome Zero-Day of 2023
- ChatGPT Hallucinations Can Be Exploited to Distribute Malicious Code Packages
- AntChain, Intel Create New Privacy-Preserving Computing Platform for AI Training
- Several Major Organizations Confirm Being Impacted by MOVEit Attack
Latest News
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- Google Introduces SAIF, a Framework for Secure AI Development and Use
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Democrats and Republicans Are Skeptical of US Spying Practices, an AP-NORC Poll Finds
