The Israeli company that found fame when it was fingered as a potential source of hacking software used by the FBI to crack open an iPhone has itself been hacked.
In a statement on its website, Cellebrite today admitted that an “external web server” containing the company’s license management system had been accessed by an unknown third party. The company is still investigating the extent of the hack, but it has advised all its customers to change their passwords.
The biz says the database is an old one – it has migrated to a new system – but warned that basic contact information for people that were registered to receive notifications from the company has been accessed. Reportedly, as much as 900GB of information was taken.
Such a database could prove valuable given Cellebrite’s line of work: it specializes in mobile forensics. In that capacity, the FBI apparently approached it in an effort to crack the iPhone of San Bernardino shooter Syed Farook.
Farook was running version 9 of the iOS mobile software, which encrypted the phone’s data and required a four-digit pin to access it. Too many wrong tries effectively render the phone inoperable. The FBI decided to use the case to have a very public fight with Apple over its security features, demanding that the iTunes giant give the FBI access to the phone.
Apple refused, stating that it was effectively being told to break its own product, and the impasse became national news, with politicians dragged into the argument. In the end, in a face-saving exercise, the FBI said it had found a third-party vendor that could access the phone, and backed down from what had by then become a legal challenge.
Although neither the FBI nor Cellebrite ever confirmed the forensics company was the source of the hack, neither denied reports, either. Whatever biz bypassed the smartphone’s security, it received as much as $1m for its troubles. With that amount of money flying about, it was inevitable that hackers would try to get into Cellebrite’s systems.
“Cellebrite actively maintains an ongoing information security program and is committed to safeguarding sensitive customer information using best-in-class security countermeasures,” the company assured customers. “Once the investigation of this attack is complete, the company will take any appropriate steps necessary to harden its security posture to mitigate the risk of future breaches.”
The outfit, which is a subsidiary of the Japanese Sun Corporation but is based in Israel, said it was working with the authorities to try to track down the hackers. ®
Customer Identity and Access Management
via The Register – Security http://bit.ly/2jB81tE