Stratfor, a global intelligence firm based in Austin, Texas recently became the latest victim of the online hacker collective Anonymous after their servers were breached over the Christmas weekend and information was stolen. Up until now the website of the security think tank remains offline, with the AntiSec arm of Anonymous claiming full responsibility.
The US-based firm, which Anonymous refers to as "Shadow CIA", provides daily intelligence security and financial briefings using a worldwide network of sources. Their services are used by the U.S. Air Force, Apple and the Miami Police department, among others.
Anonymous has confirmed it plans to release over 2.5 million emails stolen during the intrusions of Stratfor's servers, as well as 860,000 usernames, countless documents and IT support tickets. "Four servers were rooted and wiped," commented a person taking part in the attack, "Charred like ashes, just like what we plan on doing with their old crumbling world."
The loosely knit group of hackers claim the emails provide "smoking guns for a number of crimes," which if true is going to heap further embarrassment on the security firm. They will also face scrutiny from credit card companies after it was revealed they stored the security codes of cards used on its site -- a move most banks prohibit for security reasons.
The security firm took to Facebook on the 24th, posting an update to alert its clients.
On December 24th, an unauthorized party disclosed personally identifiable information and related credit card data of some of our members. We have reason to believe that your personal and credit card data could have been included in the information that was illegally obtained and disclosed.
Also publicly released was a list of our members, which the unauthorized party claimed to be Stratfor's "private clients." Contrary to this assertion, the disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications.
We have also retained the services of a leading identity theft protection and monitoring service on behalf of the Stratfor members that have been impacted by these events. Details regarding the services to be provided will be forwarded in a subsequent email that is to be delivered to the impacted members no later than Wednesday, December 28th.
Anonymous has since taken to its usual release hangout at Pastebin and released a ton of personal data, in addition to playing down rumours that begun circulating suggesting Anonymous were not involved in the attack. They plan to release the entire haul of data in the days leading up to New Year's eve.