The breach was announced on Saturday, and the hackers claimed that they have laid their hands on names, home addresses, credit card details and passwords of Stratfor clients, 17,000 of which they have immediately shared with the public in order to prove the veracity of their claims and to incite Internet users to use the credit card details to donate to charities.
They themselves have already done that with a number of credit cards, and have posted some of the receipts to prove it, reports the NYT. Supposedly, they have donated over $1 million to various charities already.
Stratford confirmed the incident on Sunday when it sent an email notification to the organization's clients. "We have reason to believe that the names of our corporate subscribers have been posted on other Web sites. We are diligently investigating the extent to which subscriber information may have been obtained," the email said.
According to Wired, Anonymous claims that this leak is only the beginning, since they pilfered roughly 200 GB of data from four servers belonging to the organization, all of which they intend to make public.
This huge batch allegedly contains around 860,000 usernames, emails, and hashed passwords; internal emails and documents exchanged and worked on by the organization's employees; and around 75,000 credit card details complete with security codes required for no card present transactions.
Unfortunately for the charities that received the donations, the money will have to be returned. As Robin-Hood-like Anonymous' actions may seem at first glance, the ones who will have the greatest problems will be the credit card holders - regular people who more likely than not haven't got much money - and the charities.
Stratfor has been shamed, no doubt about it, but it's unlikely to lose many clients because of the breach. Also, it claims that the confidential client list supposedly stolen by the group has not been compromised.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.