Anonymous targets security think tank, pilfers sensitive data
Posted on 27 December 2011.
The hacking collective Anonymous has downed the website and stolen client information belonging to Stratfor (Strategic Forecasting Inc.), a US-based research group that gathers intelligence and produces political, economic and military reports that help government organizations and major corporations asses risk.

The breach was announced on Saturday, and the hackers claimed that they have laid their hands on names, home addresses, credit card details and passwords of Stratfor clients, 17,000 of which they have immediately shared with the public in order to prove the veracity of their claims and to incite Internet users to use the credit card details to donate to charities.

They themselves have already done that with a number of credit cards, and have posted some of the receipts to prove it, reports the NYT. Supposedly, they have donated over $1 million to various charities already.

Stratford confirmed the incident on Sunday when it sent an email notification to the organization's clients. "We have reason to believe that the names of our corporate subscribers have been posted on other Web sites. We are diligently investigating the extent to which subscriber information may have been obtained," the email said.

According to Wired, Anonymous claims that this leak is only the beginning, since they pilfered roughly 200 GB of data from four servers belonging to the organization, all of which they intend to make public.

This huge batch allegedly contains around 860,000 usernames, emails, and hashed passwords; internal emails and documents exchanged and worked on by the organization's employees; and around 75,000 credit card details complete with security codes required for no card present transactions.

Unfortunately for the charities that received the donations, the money will have to be returned. As Robin-Hood-like Anonymous' actions may seem at first glance, the ones who will have the greatest problems will be the credit card holders - regular people who more likely than not haven't got much money - and the charities.

Stratfor has been shamed, no doubt about it, but it's unlikely to lose many clients because of the breach. Also, it claims that the confidential client list supposedly stolen by the group has not been compromised.






Spotlight

Android Fake ID bug allows malware to impersonate trusted apps

Posted on 29 July 2014.  |  Bluebox Security researchers unearthed a critical Android vulnerability which can be used by malicious applications to impersonate specially recognized trusted apps - and get all the privileges they have - without the user being none the wiser.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Jul 29th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //