ISRAELI HACKING OUTFIT Cellebrite, which hit the headlines last year for helping the FBI hack into an encrypted iPhone 5C, has announced it has been hacked itself.
The breach was first reported at Motherboard which said it was sent 900GB of Cellebrite data by an unnamed hacker.
The report says that cache includes alleged usernames and passwords for logging into Cellebrite databases connected to the company's my.cellebrite domain, alongside what appears to be evidence files from seized mobile phones and logs from Cellebrite devices.
A statement on the Cellebrite website confirms the breach, and states that there was "unauthorised access to an external web server" and that it is now investigating the cause of the breach.
"The impacted server included a legacy database backup of my.Cellebrite, the company's end user license management system. The company had previously migrated to a new user accounts system," it said.
"Presently, it is known that the information accessed includes basic contact information of users registered for alerts or notifications on Cellebrite products and hashed passwords for users who have not yet migrated to the new system."
It added that it did not believe there was any risk to customers as a result of this incident but customers were advised to change their passwords. Customers are also being notified of the incident.
"The company is working with relevant authorities regarding this illegal action and are assisting in their investigation," it said.
It does not appear the attack has any relation to the work the firm did helping the FBI crack the iPhone's security, but it could well be those behind the attack were after such information. µ
Welcome to the dystopia Black Mirror warned us about
Microsoft in 'more helpful' shock
A whole new way to be tied to your ISP
Search giant puts Epyc chips at the heart of its datacentre servers