Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Stratfor Re-Launches Corporate Website After Cyber Attacks

Following a series of highly publicized cyber attacks that occurred over the holidays, Stratfor today launched a rebuilt version of its website.

During the attacks, hackers stole and released personal information of Stratfor customers, including credit card data and hashed passwords. Attackers also managed to destroy company servers in what, Stratfor says, appeared to be an attempt to silence the company.

Following a series of highly publicized cyber attacks that occurred over the holidays, Stratfor today launched a rebuilt version of its website.

During the attacks, hackers stole and released personal information of Stratfor customers, including credit card data and hashed passwords. Attackers also managed to destroy company servers in what, Stratfor says, appeared to be an attempt to silence the company.

In response, Stratfor said it contracted Internet security firm Sec Theory to rebuild its website, email system and internal infrastructure.

One thing that was obvious based on data released by the hackers, and that Stratfor admitted to, is the fact that it didn’t encrypt credit card data stored on its servers. “We did not encrypt credit card files,” said Stratfor CEO George Friedman. “This was our failure. As the CEO of Stratfor, I take responsibility.”

Following the breach, approximately 860,000 passwords hashes were leaked, with several individuals and groups making a run to crack as many as possible. The Tech Herald was able to quickly crack 81,883 passwords, noting that 49 of them were single characters, and 51 were 15-23 characters long. Still a work in progress, many more passwords have been cracked since.

Stratfor also hired Verizon Business to conduct a forensic review of the hack and said that it was cooperating with the FBI on an investigation.

“We are now in a world in which anonymous judges, jurors and executioners can silence whom they want. This is a new censorship that doesn’t come openly from governments but from people hiding behind masks,” Friedman said.

Stratfor said it has offloaded its e-commerce operations to a third-party, eliminating the need for Stratfor to store credit card information in house.

Advertisement. Scroll to continue reading.

The company said that it will communicate with subscribers about how to obtain new, secure passwords over the next few weeks.

Stratfor originally downplayed the hack of its systems that was credited to Anonymous in support of the AntiSec movement. 

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Karl Triebes has joined Ivanti as Chief Product Officer.

Steven Hernandez has joined USAID as CISO and Deputy CIO.

Data security and privacy firm Protegrity has named Michael Howard as its CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.