Video game developer Rovio has confirmed that hackers defaced its Angry Birds site with an image entitled Spying Birds, featuring an NSA logo.
The attack followed the publication of leaks that indicated the US spy agency and its British counterpart GCHQ had obtained data released by at least one of the Finnish firm’s games.
The company said it did not “collaborate or collude” with any government spy agency.
It added it had quickly fixed its site.
“The defacement was caught in minutes and corrected immediately,” said marketing manager Saara Bergstrom.
“The end user data was in no risk at any point. Due to how the internet name resolution works, for most areas it was not visible at all, but some areas take time for the correct information to be updated.
“This attack looks to be similar to the New York Times attacks from last year.”
The Syrian Electronic Army (SEA) – a group supporting Syrian president Bashar al-Assad – said it carried out an attack on the New York Times last August.
After Tuesday’s attack, a Twitter account associated with the group posted a link to a saved copy of the spoof Angry Birds image and the message: “A friend hacked and defaced @Angrybirds website after reports confirms its spying on people. The attack was by ‘Anti-NSA’ Hacker, He sent an email to our official email with the link of the hacked website.”
On Monday, the New York Times, ProPublica and the Guardian all posted copies of documents obtained from whistle-blower Edward Snowden that suggested the NSA and Britain’s GCHQ had worked together since 2007 to develop ways to gain access to information from applications for mobile phones and tablets.
They said that a GCHQ report, dated 2012, had specifically referred to their ability to snatch details about a user if they had installed Angry Birds on to an Android device.
The report said that the data could include information about the owner’s age, sex, location and even if they were currently listening to music or making a call. It added that the range of information depended in part on which online advertising network Rovio sent the details to.
Following the news, Rovio posted a blog saying it would now reconsider how it shared data with its partners.
“As the alleged surveillance might be happening through third-party advertising networks, the most important conversation to be had is how to ensure user privacy is protected while preventing the negative impact on the whole advertising industry and the countless mobile apps that rely on ad networks,” said Mikael Hed, Rovio’s chief executive.
“In order to protect our end users, we will, like all other companies using third-party advertising networks, have to re-evaluate working with these networks if they are being used for spying purposes.”