Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

French piracy monitoring firm's website hacked

Media reports suggest that the French government, which uses TMG to monitor BitTorrent and similar file-sharing sites/services, has suspended its contract with the firm, amidst reports that TMG's systems were not that well secured.

Unconfirmed reports suggest that the information obtained during the hack has now been posted to the internet.

The TorrentFreak newswire quotes Olivier Laureli, a security researcher, as saying that a TMG virtual machine leaked a lot of data, including scripts, peer-to-peer clients designed to generate fake peers, plus local physical addresses in the datacentre.

TorrentFreak also asserts that the IP addresses of French citizens, who were being monitored by TMG for alleged violations of anti-piracy legislation, may also have been leaked.

Interestingly, the newswire says that TMG is the only firm licensed to carry out P2P piracy monitoring in France and, since the firm's contract is suspended, the P2P monitoring system operating in France is also suspended.

As reported previously, France now operates a 'three strikes' law – HADOPI – which can end up with users being disconnected by their ISP, although Infosecurity notes there have been no publicly reported instances of a Net disconnection being imposed.

The BBC, meanwhile, reported that France's HADOPI legislation has caused controversy since it was introduced back in 2009.

"Suspected illegal file-sharers receive three official warnings, after which they are reported to a judge who can hand out a range of punishments, including disconnecting them from the internet", says the newswire.

Professor John Walker of Nottingham Trent University's school of computing and a member of the ISACA security advisory group, is quoted as telling the BBC that any firm that gets involved in this will need to make sure that its security is nailed down.

"This was the perfect storm waiting to happen. It was an instant target for hacktivists. You can't even call it a hack, it was a walk-in, a travesty", he said.