Cellebrite is the victim of a new data breach

Cellebrite, an Israeli smartphone analytics and data mining specialist, has come across a new data breach. About 1.7 terabytes of data from the company, which positions itself as a world leader in its sector, and its tools to help with forensic investigations, is now available for download on the Internet.

Divided by hacktivists

The data leak was first published by Enlace Hacktivista!, a hacktivist support page, and later by DDoSecrets Collective, a hacktivist group that had previously leaked internal data from about 200 police departments in the US. According to Enlace Hacktivista!, the data leak was due to an “anonymous whistleblower” who allegedly took possession of one of Cellebrite’s forensic programs, as well as documentation. Cellebrite was already the victim of a major hack six years ago when cybercriminals stole 900 GB.

In addition to this Cellebrite data, the correspondent also shared 103 GB of data from the Swedish company MSAB, a company that is also positioned in the “forensics” sector – the English word for digital forensics.

Hacktivists justify the dissemination of this apparently stolen internal data by saying that the software of the two companies, sold to police around the world, is being used to “gather information on journalists, activists and dissidents”, and in particular in cases of human rights violations, however without stating specific cases.

No messages from Cellebrite

According to Hackread, the leaked Cellebrite data archive contains the company’s full suite of software, including its flagship UFED software, as well as “customer documents.” Reassuring, indicating that confidential data will not be disclosed, and that part of the released files will be translation packs.

The company has not yet commented on the data breach or clarified its privacy. In addition to the fear of possible distribution of customer data, experts are wondering about the possible leakage of internal secrets, such as security flaws in devices operated by the company’s software.

French service provider

In France, Cellebrite won a four-year public contract in 2019 to supply telephone data extraction and analysis systems to the police, gendarmerie, customs and department of the Ministry of Foreign Affairs. Phones are at the core of their operations, and these digital investigation tools have become an important support for forensic investigations.

Cellebrite’s reputation has been boosted by its possible involvement in the decryption of the iPhone file of one of the perpetrators of the 2015 San Bernardino massacre, the file that drew attention to the Israeli company. However, six years later, the Washington Post explained that it was the Australian company Azimuth Security that developed the device used by the FBI to access the device.

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker.