Security Experts:

STRATFOR Attack by AntiSec Delivers Painful Christmas Present

Strategic Forecasting Inc. (Stratfor), a Texas-based intelligence firm that delivers paid briefings on a wide range of topics, suffered a pre-Christmas breach at the hands of those supporting the current incarnation of the AntiSec movement. The fallout has been devastating thus far, but according to comments from those familiar with the breach, this is only the beginning.

Stratfor Cyber AttackOn Christmas Eve, Stratfor’s domain was defaced by supporters of the AntiSec movement. The defacement included quotes from an internal email on security written by Stratfor’s CTO, Frank Ginac. In addition, Ginac’s credit card details, and other personal information was published as part of the defacement’s message.

Moreover, AntiSec supporters released a listing of clients who subscribe to Stratfor’s intelligence briefings. The real damage however, was the plundering of the company’s databases, which included the record information (name, address, credit card data, and password) of some 90,000 people. To date, 34,000 records have been pushed to the public.

“Interestingly, one thing we noticed in the fallout of this catastrophic hack was that STRATFOR hired not one, but two outside consultants to try to bail their sorry asses out of the hellhole of a grave we dug them. Top identity theft protection? Professional security consultant? We'll see how that works out for you, if you ever dare to put your servers back online again. Until then, we’ll be watching and waiting,” a note from AntiSec, published Monday, stated.

Hours after word of the attack spread, Stratfor’s CEO, George Friedman addressed the attacks.

AntiSec Hacks Stratfor“Stratfor and I take this incident very seriously. Stratfor's relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me. We are working closely with law enforcement in their investigation and will assist them with the identification of the individual(s) who are responsible. Although we are still learning more and the law enforcement investigation is active and ongoing, we wanted to provide you with notice of this incident as quickly as possible. We will keep you updated regarding these matters,” his letter said.

To which, someone from Anonymous tweeted: “If Stratfor would give a s**t about their subscriber info they wouldn't store CC/CCV numbers in cleartext, with corresponding addresses.”

In addition to the presently published data compromised during the Stratfor attack, AntiSec’s note said that 200GB of company email was captured as well. There is no word if this will be published, but it’s highly likely that it too will appear online before the year is over.

view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.