The Hackers Have Been Hacked. 900 GB of Confidential Data Stolen.

Data Theft, What the Hack

Cellebrite-hacked

Cellebrite hacked! Cellebrite, one of the most popular companies in the mobile phone hacking industry has itself been hacked resulting in 900GB of confidential data leakage. The leaked data includes databases, customer information, and technical data regarding company’s products.

Mobile data forensics provider Cellebrite is an Israel-based company known for its laptop-sized device called the Universal Forensic Extraction Device (UFED) that can rip data from mobile phones.

Cellebrite has been providing forensic solutions to US federal and state law enforcement agencies in the past. The leaked data suggests that Cellebrite is providing mobile forensic solutions to Russia, the United Arab Emirates and Turkey as well.

Stolen Data Includes License Information

The leaked data have been apparently stolen from Cellebrite’s website database after multiple successful endeavors. The leaked data includes username and password used for logging into company’s end user license management system, my.Cellebrite. This section of the site is mainly used by customers for software update information and License information.

my.cellebrite web page screenshot
figure: my.cellebrite web page screenshot

The stolen data dump also contains evidence files from seized mobile phones that Cellebrite obtains during forensic of a mobile phone.

Confirming the data breach, company said “Cellebrite recently experienced unauthorized access to an external web server” in a web statement.

The data forensic company said it will be conducting an investigation to determine the magnitude of the breach. However, the company confirmed that the stolen data includes contact information of users registered for alerts or notifications on Cellebrite products and hashed passwords for users.

Stolen Data May Be Subjected To Sale

The anonymous hacker who contacted motherboard with a copy of hacked data claimed that the Cellebrite system and data have been subjected to trading on selected IRC chat room.

Cellebrite in its web statement advised customers to change their passwords as a precaution and added that the company is working with relevant authorities to assist in the investigation.

The hacker, however, remained silent on the exploits used for causing the data breach.