
Cellebrite, an Israeli specialist in smartphone analysis and data extraction, has suffered a new data breach. About 1.7 terabytes of data from the company, which positions itself as a world leader in its sector and in tools that support forensic investigations, are now available for download on the Internet.
🚨 #Ouch Mobile forensics company #Cellebrite hit by #DataBreach (1.7TB of data)🔥 https://t.co/i2NjWRag8D
➡️ #Cellebrite provides the authorities with a service to access data from seized mobile devices📲 Let’s hope that there will be no #ZeroDay in the data leak! #StayTuned pic.twitter.com/hn863PKv60
— Matthew Garin (@matthieugarin) January 17, 2023
Leaked by hacktivists
The data leak was first published by Enlace Hacktivista!, a hacktivist support page, and later by DDoSecrets Collective, a hacktivist group that had previously leaked internal data from about 200 police departments in the US. According to Enlace Hacktivista!, the leak came from an “anonymous whistleblower” who allegedly obtained one of Cellebrite’s forensic programs, as well as documentation. Cellebrite was already the victim of a major hack six years ago, when cybercriminals stole 900 GB.
In addition to the Cellebrite data, the source also shared 103 GB of data from the Swedish company MSAB, which also operates in the digital forensics sector.
The hacktivists justify disseminating this apparently stolen internal data by saying that the software of the two companies, sold to police forces around the world, is being used to “gather information on journalists, activists and dissidents”, in particular in cases of human rights violations, without, however, citing specific cases.
No comment from Cellebrite
According to Hackread, the leaked Cellebrite data archive contains the company’s full suite of software, including its flagship UFED software, as well as “customer documents.” Reassuringly, confidential data will reportedly not be disclosed, and part of the released files are said to be translation packs.
The company has not yet commented on the data breach or clarified its privacy. Beyond the fear that customer data could be distributed, experts are concerned about a possible leak of internal secrets, such as the security flaws in devices exploited by the company’s software.
Service provider to French authorities
In France, Cellebrite won a four-year public contract in 2019 to supply telephone data extraction and analysis systems to the police, the gendarmerie, customs and a department of the Ministry of Foreign Affairs. Phones are at the core of their operations, and these digital investigation tools have become an important support for forensic investigations.
Cellebrite’s reputation was boosted by its possible involvement in unlocking the iPhone of one of the perpetrators of the 2015 San Bernardino massacre, the case that drew attention to the Israeli company. However, six years later, the Washington Post explained that it was the Australian company Azimuth Security that developed the tool used by the FBI to access the device.