The servers of Texas-based global security company Stratfor were infiltrated over the holiday weekend by the “hactivist” group known as Anonymous. The group made their crimes known via Twitter, and posted a link to what they claimed was the confidential and highly-guarded Stratfor client list. The list included organizations such as the U.S. Army, the U.S. Air Force, top security contractors, the Miami Police Department, Microsoft and Apple. Anonymous claims to have stolen 200 gigabytes worth of data.
However, Stratfor claims that the list made public by the hackers is not in fact their top-secret client list.
“The disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications,” said a statement released by Stratfor, according to National Public Radio.
In addition to simply publicizing some of the stolen credit card account numbers and other ill-gotten personal information, Anonymous used some of the stolen cards to make donations to charity and published those receipts online. One alleged member claimed that the ultimate goal was to steal a million dollars in order to dispense it as Christmas donations.
Stratfor is advising all clients to refrain from commenting on the hack in order to avoid being targeted a second time by Anonymous.
“It`s come to our attention that our members who are speaking out in support of us on Facebook may be being targeted for doing so and are at risk of having sensitive information repeatedly published on other websites. So, in order to protect yourselves, we recommend taking security precautions when speaking out on Facebook or abstaining from it altogether,” said Stratfor via their Facebook page.
Anonymous says that it was able to steal the information after gaining access to Stratfor`s servers partially due to the fact that the data was unencrypted. If that is indeed true, it raises a lot of questions regarding Stratfor`s internal security, which is rather embarrassing for the security-related company.