The cybersecurity firm Hacking Team was hacked, in result of which documents revealing that it sold software to repressive regimes were published to the firm’s own Twitter.

The Italian firm provides security services to law enforcement and national security agencies, including legal offensive security services that are known to use malware and vulnerabilities to break into target’s networks. However, the recent 400GB leak revealed that the firm has also been working with repressive regimes, although it has previously denied doing this. Hacking Team couldn’t independently verify the veracity of the documents.

The hackers used the Hacking Team’s own official Twitter feed to communicate, by posting messages for hours after about the specific documents leaked, including emails, invoices and screenshots of the firm’s employees’ computers. After Hacking Team regained control, the tweets were removed. However, the messages had time to show Hacking Team negotiating export of its malware to Nigeria (perhaps bypassing Italian export controls) and selling hacking tools to Ethiopia to be used to target journalists in the United States and elsewhere. At the same time, Hacking Team has never publicly confirmed working with Ethopia, and its representatives dismissed earlier reports as groundless.

Hacking Team has repeatedly denied selling its software to repressive regimes, while the leaked documents (if real, of course) suggest that the list of the company’s clients include governments and security services of Azerbaijan, Kazakhstan, Uzbekistan, Russia, Bahrain, Saudi Arabia and the UAE. It is not actually clear how the CIS countries can be called repressive, but there are claims that some of these countries have been criticized for their aggressive surveillance of citizens, activists and journalists.