UK security services may have violated the privacy of at least 20 of its own experts by accessing their personal files, a security expert told Business Insider.
The Guardian reported on Thursday that the UK’s Cyber Crime Unit has confirmed that it had accessed the files of security firm Hacking Team and its employees using a tool called an exploit kit.
Hacking Team had previously said that it would shut down its business and leave the UK in March 2017.
“It’s very sad,” Hacking Group’s chief executive, Adrian Ludwig, told the Guardian.
Ludwig added that it was a mistake to trust the firm with sensitive information.
He told the newspaper that the hackers accessed his company’s files, which contained private details about HackingTeam’s clients.
“I believe that it’s a very bad and irresponsible decision,” Ludwig said.
“We didn’t have the information that was in those files.”
The hackers used the an exploit kit to access hacking team.com and other private company sites and steal sensitive information about Hacks team and its customers, including personal details of some customers.
One of Hacking team’s clients was the UK government, which had recently issued a security advisory stating that the company had no way of knowing if any data had been stolen.
The British government and Hacking group declined to comment on the Guardian’s report.