Anonymous Denies Hacking Stratfor

Update: Anonymous denies it hacked Stratfor. Here is its press release.

Second Update: Stratfor has sent out this updated message. It may be too little too late. If they didn't encrypt the card data and left full credit card numbers and pins on their servers, it sure doesn't seem like they would be in compliance with PCI Data Security Standards. There will undoubtedly be lawsuits over this. Stratfor can hire the best security firm on the planet now, but its poor judgment is going to cost it subscribers and business and its reputation is going to take a serious hit.

Third Update: There's bickering going on. Sabu responds to a tweeter who says no one else in Anonymous besides #AnonymousIRC and #Anonymous Sabu knew about the hack:

We did the hack under #antisec which is an operation within anonymous. Unsure who made you a leader, but we are decentralized



Original Post

Anonymous has hacked Stratfor, the intelligence think thank, stealing its database of subscribers, email accounts and credit cards.

The group says it will steal $1 million from subscribers (many of whom are U.S. Government and law enforcement agencies, media outlets and big corporations) and redistribute it to the poor.

They say Stratfor is just the first in its week-long Christmas plan. From Twitter:

#Anonymous would like to remind you that no force on earth can stop 100 santas. santarchy.com We are legion. #LulzXmas

Amazingly, Stratfor did not encrypt the credit card data. It confirmed the data breach in an email to subscribers today. [More...]

Anonymous writes on pastebin:

Attached are ~4000 credit cards, md5 passwords, and home addresses to just a few of Stratfor's "private client list". Not as many as you expected? Worry not, fellow pirates and robin hoods. These are just the "A"s.

While the rich and powerful are enjoying themselves with all their bourgeois gifts and lavish meals, our comrade Bradley Manning is not having that great of a time in federal custody. Instead of being heralded as a fighter for free information and government transparency, he is criminalized, marginalized, and incarcerated, threatened with life imprisonment.

We hereby ask that Bradley Manning be given a delicious meal this Lulzxmas, and no, not the "holiday special" in the prison chow hall. We want him out on the streets at a fancy restaurant of his choosing, and we want this to happen in less than five hours.

Here's the e-mail Stratfor sent out:

Dear Stratfor Member,

We have learned that Stratfor's web site was hacked by an unauthorized party. As a result of this incident the operation of Stratfor's servers and email have been suspended.

We have reason to believe that the names of our corporate subscribers have been posed on other web sites. We are diligently investigating the extent to which subscriber information may have been obtained.

Stratfor and I take this incident very seriously. Stratfor's relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me. We are working closely with law enforcement in their investigation and will assist them with the identification of the individual(s) who are responsible.

Although we are still learning more and the law enforcement investigation is active and ongoing, we wanted to provide you with notice of this incident as quickly as possible. We will keep you updated regarding these matters.

George Friedman

This is pretty serious stuff.

< Christmas Eve Open Thread | Will Stratfor Be Liable for the Security Breach? >
  • The Online Magazine with Liberal coverage of crime-related political and injustice news

  • Contribute To TalkLeft

  • Display: Sort:
    Anonymous says they didn't do it. (5.00 / 1) (#1)
    by jeffinalabama on Sun Dec 25, 2011 at 12:01:59 PM EST
    Another group is responsible. Anonymous announcement.

    thanks, I just updated (5.00 / 2) (#2)
    by Jeralyn on Sun Dec 25, 2011 at 12:41:18 PM EST
    Jeralyn (none / 0) (#4)
    by Edger on Sun Dec 25, 2011 at 12:56:46 PM EST
    The quote you have in your post from "anonymous" does not come from the link jeffinalabama posted which claims that the quote you have is not from anonymous. It comes from here: http://pastebin.com/bQ2YHDdw

    I'm not sure what you mean (5.00 / 1) (#5)
    by Jeralyn on Sun Dec 25, 2011 at 02:42:48 PM EST
    In the most recent release, Anonymous is blaming Sabu, a leader of Lulzec, a  splinter group of Anonymous.  #AntiSec (which posted the document dump and release you mention) and Sabu may not speak for Anonymous. Reportedly, Anonymous has no leader so it's hard to tell if anyone really speaks for "the group."

    Lulzec was supposedly defunct and down to 2 members, including leader Sabu, since the other 4 were arrested. Many members of Anonymous may support both, and the groups have teamed up in the past, but they may not the same. EG, Anonymous denied doing the Sony hack.

    I don't know who is responsible for Stratfor, but if it was not Anonymous-endorsed, and group members are saying they didn't do it, they deserve to have their denial heard. Especially since whoever did do it will face serious charges if caught. If the denial is a fake, I'll update.


    Oh no, I agree with you (none / 0) (#6)
    by Edger on Sun Dec 25, 2011 at 03:06:58 PM EST
    I don't the denial is a fake. I was just a bit confused by your update and was thinking you meant the quote in your post as coming from the denial, that's all.

    Awwww shucks (5.00 / 1) (#8)
    by Militarytracy on Mon Dec 26, 2011 at 10:52:43 AM EST
    STRATFOR, wrong on security issues and how best to provide security AGAIN.

    Ssshh. Don't say things like that (none / 0) (#9)
    by Edger on Mon Dec 26, 2011 at 11:04:31 AM EST
    or the Obama Administration will make Stratfor a US Government Department. ;-)

    One of our friends that was here (5.00 / 1) (#10)
    by Militarytracy on Mon Dec 26, 2011 at 11:15:52 AM EST
    for Christmas pays to subscribe.  Hopefully they won't think he's such a scumbag that his wealth must be redistributed :)  They should take my word for it and just feel sorry for him.

    If I was him (5.00 / 0) (#12)
    by Edger on Mon Dec 26, 2011 at 11:33:46 AM EST
    I'd cancel my credit card, just to not have to bother arguing with the bank over fraudulent charges...

    I suppose I should call him and make (none / 0) (#13)
    by Militarytracy on Mon Dec 26, 2011 at 12:02:11 PM EST
    sure he knows about the hack.

    That'll make his day! ;-) (none / 0) (#14)
    by Edger on Mon Dec 26, 2011 at 12:05:22 PM EST
    Stratfor did not encrypt the credit card data? (none / 0) (#3)
    by Edger on Sun Dec 25, 2011 at 12:48:31 PM EST
    There are going to be some Stratfor IT people available for other employment after today, I'd think...

    The kings of the security world must encrypt too? (none / 0) (#11)
    by Militarytracy on Mon Dec 26, 2011 at 11:18:36 AM EST
    What is the world coming to?  When you say STRATFOR we are all supposed to resemble cartoon hyenas saying Mufasa.

    I must admit (none / 0) (#7)
    by lentinel on Sun Dec 25, 2011 at 04:34:47 PM EST
    that this story brings a bit of a smile to my face and a bit of a chuckle.

    I have always wondered what thfk "think tanks" were.
    All I know about them are the strange "experts" from these things that appear on CNN and other similarly unsavory outlets to justify some unsavory government policy.

    I know.

    My bad.

    But if they (whomever they are) did manage to cop a million bucks from some site that didn't even bother to encrypt their information, and it comes from "law enforcement agencies, media outlets and big corporations", and these funds are actually redistributed to poor people...

    Well what can I say.
    Merry Christmas.