Cellebrite Provides Update on Information Security Investigation to Forensic Customers
Petah Tikva, IL—January 24, 2017 – Further to the announcement issued January 12, 2017 advising interested parties of an information security incident that the company experienced, Cellebrite is providing additional information learned and an update on actions taken as part of the company’s incident response process.
Cellebrite was alerted to the attack on January 11, 2017. Cellebrite immediately began a thorough incident response investigation. The attack affected an external server residing in a secured data center. The server was primarily used for storing backup data and did not contain evidence related to any ongoing or active investigation.
The unauthorized and unlawful access resulted in approximately 900 GB of data being stolen from the affected server. The vast majority of the data included log files from my.Cellebrite, the company’s end-user licensing system, and other innocuous user activity, including approximately 350 GB of backup storage for offline world maps. There was no upload of files of any type to the server.
As previously disclosed, the attack compromised contact details from a backed up version of my.Cellebrite. This backup contained basic user contact details, but did not include full password information or any information related to the purchase of Cellebrite products, such as credit card history. The password information that was impacted, was hashed. Cellebrite has notified all affected my.Cellebrite users and provided specific instructions for changing their passwords. Cellebrite has also contacted all unaffected my.Cellebrite users, advising them that their information remains secure.
Contrary to some erroneous reports, the attack did not impact any Cellebrite intellectual property related to the delivery of Cellebrite Forensic products and services, such as proprietary source code. There is no increased risk to Cellebrite Forensic customers as a result of normal, ongoing use of Cellebrite UFED software and hardware, including routine software updates.
Included among the compromised data were Forensic technical support inquiries submitted via my.Cellebrite. These inquiries do not pertain to any open technical support cases.
Cellebrite is taking necessary measures to harden its security posture in the wake of this incident. The investigation is ongoing, and Cellebrite will provide further updates as they become available. The company is cooperating with relevant authorities who are conducting a criminal investigation into the attack.
Every day around the world digital data is impacting investigations. Making it intelligent and actionable is what Cellebrite does best. A pioneer of mobile data forensics with a passion for technology innovation, Cellebrite is uniquely positioned to address the rapidly evolving needs of its diverse customer base to access, unify and defend digital evidence of all kinds. Together, our powerful UFED solutions deliver the only complete, end-to-end Digital Forensics Platform on the market. Our track record remains unchallenged. Our results? Proven and well documented. With more than 40,000 UFED licenses deployed globally in 100 countries, we allow law enforcement, intelligence services, border patrols, special forces, military and the private sector to achieve their missions quickly and effectively.
Cellebrite is a wholly-owned subsidiary of the Sun Corporation, a listed Japanese company (6736/JQ)