Cellebrite is an Israel-based smartphone hacking (or cracking) firm that previously made headlines for unlocking iPhone devices for law enforcement and security agencies in the United States.

An anonymous source has leaked around 4TB of proprietary data belonging to Israeli digital intelligence firm, Cellebrite. The affected products are the company’s flagship product, Cellebrite Mobilogy, and the Cellebrite Team Foundation server.

It is worth noting that as of now, the leaked data is only available to researchers and journalists by requesting Distributed Denial of Secrets (DDoSecrets), a non-profit whistleblower organization.

The trove of data comes in two parts including Cellebrite Mobilogy and Cellebrite Team Foundation Server.

About Cellebrite

Cellebrite provides digital data collection, analysis, and management services. Its services are quite similar to the infamous NSO Group behind Pegasus spyware. Cellebrite’s tools are used by companies, enterprises, and federal/state/local law enforcement authorities.

Cellebrite Universal Forensic Extraction Device is among the key products from Cellebrite used by law enforcement agencies, and it shared its code with the impacted product Cellebrite Mobilogy.

Team Foundation Server offers a platform for collaborative working and has now been replaced with Azure DevOps Server, which is used for sharing code, tracking work, and shipping software.

Leaked Data Analysis

Another attack targeted against backup files for the Cellebrite Team Foundation Server resulted in the leaking of 430 GB of data. Reportedly, around 3.6TB of data was compromised and leaked from Cellebrite Mobilogy. This product is used for device diagnostics, content backup, transfer, and restoration.

The source behind this data leak is not yet identified. And no cybercriminal or hacker group has claimed its responsibility. The hacking technique is also not disclosed as yet.

For your information, Cellebrite is the company that helped the FBI unlock San Bernardino shooter Syed Rizwan Farook’s iPhone.

Anonymous Source Leaks 4TB of Cellebrite Data Online After Cyberattack
Screengrab: DDoSecrets

Previous Cyber Attacks on Cellebrite

Cellebrite has previously been targeted in several cyberattacks. In January 2017, an anonymous attacker leaked 900GB of data stolen from the Israeli firm. The data contained information about the political scenario in different countries.

In February 2017, a hacker released the cache of sensitive data from the company regarding Cellebrite’s methods of hacking into Android, Apple, and Blackberry smartphones. Reportedly, a hacker successfully compromised Cellebrite’s security systems and stole sensitive data from its servers.