Recent Update: Detailed Analysis of Data Exposed in STRATFOR Cyber Attack
Security and intelligence firm STRATFOR is downplaying a recent hack of its systems that is being credited to Anonymous.
According to a posting on its Facebook page, STRATFOR said the hackers did not get the company’s private client list as has been alleged.
“Contrary to this assertion the disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications,” STRATFOR CEO George Friedman wrote.
During the weekend, hackers with Anonymous posted information stolen from STRATFOR online, including credit card numbers and personally identifiable information belonging to STRATFOR clients. Though members have taken credit for the attack on Twitter, there seems to be some disagreement within the loosely-affiliated collective as to just how involved the group was. For example, a post on Pastebin contends the hack was not the work of Anonymous.
“Stratfor is an open source intelligence agency, publishing daily reports on data collected from the open internet,” according to the statement on Pastebin. “Hackers claiming to be Anonymous have distorted this truth in order to further their hidden agenda, and some Anons have taken the bait.”
In the aftermath of the breach, Friedman warned that victims of the compromise should use caution if they plan to speak out about the situation.
“It’s come to our attention that our members who are speaking out in support of us on Facebook may be being targeted for doing so and are at risk of having sensitive information repeatedly published on other websites,” he wrote. “So, in order to protect yourselves, we recommend taking security precautions when speaking out on Facebook or abstaining from it altogether.”
“We have also retained the services of a leading identity theft protection and monitoring service on behalf of the Stratfor members that have been impacted by these events,” he continued. “Details regarding the services to be provided will be forwarded in a subsequent email that is to be delivered to the impacted members no later than Wednesday, December 28th.”