Hacking Team hack: UK's Scotland Yard received bid from controversial spy software company
Hacking Team, the Italian company that sells sophisticated spying software, tendered for a contract from the London Metropolitan Police worth $300,000 (£192,000), according to leaked internal documents.
The revelations come from the huge trove of sensitive documents leaks by an unknown hacker relating to the company that sells its cyberweapons to governments and law enforcement agencies around the world.
According to leaked emails from Massimiliano Luppi, who manages multiple accounts for Hacking Team, the company was in contact with at least three potential clients in the UK.
According to another leaked document detailing Hacking Team's 2014 revenue forecast, the contact with the London Metropolitan Police related to a tender for a contract worth $300,000. However if the company's 2015 revenue forecast is anything to go by, the company did not win the contract.
The 2015 forecast did however include a prediction that its new business for the year could total more than $17m, bringing its total revenue to more than $25m. That figure will now be significantly smaller following this highly embarrassing leak.
The Met has failed to respond to a request for comment on the possibility it was in contact with Hacking Team.
Cannot confirm or deny contact
Luppi was also in contact with the National Crime Agency (NCA), though at present it is unclear what that contact was in relation to as there is no mention of the NCA in Hacking Team's revenue predictions for either 2014 or 2015.
Asked for a comment, a spokesperson for the NCA said: "We would neither confirm nor deny any contact with Hacking Team."
The final UK contact in Luppi's email archive is a folder marked Hennessy. It is unclear if this relates to an individual, a company or a contact at the NCA or Met Police.
The huge 400GB trove of documents, emails and software has revealed Hacking Team was working with the Sudanese government despite its assertions to a UN investigation that it had no business relationship with the blacklisted country.
Lacklustre security
The company has yet to make an official response to the massive data breach but one of its employees, Christian Pozzi, made some remarks on Twitter saying the claims being made by the hackers were not accurate, that the download links contained viruses and that those spreading lies could go to jail. His Twitter account was soon hacked before it was deleted completely.
As well as posting highly sensitive emails, invoices and documents, the hackers have also posted information indicating the security measures the company had in place were less than secure, with Pozzi (a security engineer) using the password "Passw0rd" across the system and this was not unusual among employees at Hacking Team according to the leaked data.
© Copyright IBTimes 2024. All rights reserved.