News

Security intelligence firm Stratfor investigates hacktivist attack

Robert Westervelt, News Director

A hactivist group has claimed it was behind a Christmas Eve attack targeting security intelligence consultancy Stratfor, penetrating the firm’s website and stealing thousands of credit card numbers.

The Austin, Texas-based company, which says it provides non-ideological intelligence data on international affairs and security threats to a wide array of major corporations and local, state and federal agencies, took its website offline following the attack, while investigators determined the extent of the hacktivist attack. A person claiming to be part of the Anonymous hactivist group said it stole thousands of credit card numbers as well as information about the organization’s private client list.

In a message to its clients, Stratfor confirmed its website had been breached and attackers made off with data associated with organizations that purchased its publications. The company said its most sensitive data remains secure.

“The disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications,” wrote Stratfor CEO George Friedman via the company’s

    Requires Free Membership to View

Facebook page.

Friedman said the company is working to restore its website and has retained an outside security consultancy to improve its data security measures. In addition, the company retained an identity theft protection and monitoring service for victims of the breach.  Notification letters will be delivered by Dec. 28, Friedman said.

Various people claiming to be members of Anonymous have posted screenshots showing the credit cards being used to make sizable donations to various charities, according to Mikko Hypponen, chief research officer at F-Secure. Hypponen said the actions only end up hurting the charities. Credit card companies ultimately will chargeback the erroneous charges. 

“In some cases, charities could be hit with penalties. At the very least, they will lose time and money in handling the charge-backs,” Hypponen said.

Anonymous group denies responsibility

In a statement posted Dec. 25 at Pastebin.com, a group calling itself Anonymous said it was not behind the Stratfor breach. The group said the attack was perpetrated by opportunistic attention seekers.

“Stratfor has been purposefully misrepresented by these so-called Anons and portrayed in false light as a company that engages in activity similar to HBGary,” according to the group’s posting on Pastebin. “As a media source, Stratfor's work is protected by the freedom of press, a principle which Anonymous values greatly.”


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: