Confidential client list safe from Anonymous, Stratfor says
The magnitude of a Christmas Eve attack on Stratfor appears exaggerated by the data bandits
PC World - The damage from a weekend data breach at a think tank on international security issues appears to have been inflated by the assault's perpetrators, the hacker collective known as Anonymous.
After Anonymous ransacked think tank Stratfor's computers and stole away thousands of credit card numbers and other personal information, it claimed to have also clipped the company's confidential client list. That list contains sensitive information about Stratfor's high- profile clients, such as Apple, the U.S. Air Force, and the Miami Police Department.
However, Stratfor denies that Anonymous got the think tank's family jewels. "Contrary to this assertion the disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications," the firm says in an e-mail to its members dated December 25.
Stratfor adds that it had hired an identity theft and monitoring service to assist its members affected by the data breach. Further details on those services will be released to affected members later this week, it says.
On Monday morning, Stratfor's website was offline. Visitors to the location are being greeted to an "undergoing maintenance" screen.
So far, two lists of credit card details have been published to the Internet by Anonymous members, one containing 3956 items, the other with 13,191 items. Some of those numbers have apparently been used to donate large sums of money to charitable organizations such as the American Red Cross and CARE.
While to some it may appear that Anonymous is acting as an Information Age Robin Hood, it may not be doing anyone any favors by ringing up unauthorized charges on other people's credit cards. "These donations will never reach the ones in need," writes security guru Mikko Hypponen at F-Secure. "In fact, these actions will just end up hurting the charities, not helping them."
"When credit card owners see unauthorized charges on their cards, they will report them to their bank or credit card company," he explains. "Credit card companies will do a chargeback to the charities, which will have to return the money. In some cases, charities could be hit with penalties. At the very least, they will lose time and money in handling chargebacks."
The Anonymous attack on Stratfor was made murkier by a disclaimer posted on the Internet saying the group isn't responsible for the action. In an "Emergency Christmas Anonymous Press Release" the Stratfor foray was rapped by parties claiming to represent the collective. They assert that Stratfor is being falsely characterized as another HBGary Federal, a contractor accused of developing dirty tricks schemes for the military. A cyber assault on HBGary Federal earlier this year resulted in its CEO, Aaron Barr, resigning.
"Sabu and his crew are nothing more than opportunistic attention whores who are possibly agent provocateurs," they declare, referring to a well-known Anonymous member.
"As a media source, Stratfor's work is protected by the freedom of press, a principle which Anonymous values greatly," they add.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
Red Hat Enterprise Linux - The Original Cloud Operating System
Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- OpenStack Hype vs. Reality: CIO Quick Pulse Open-source architecture can enable IT departments to build infrastructure-as-a-service (IaaS) clouds running on standard hardware.
- Building a Bridge to the Next Generation Data Center Selecting a widely adopted operating system is a foundational component of a standardization strategy.
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well... All Cybercrime and Hacking White Papers | Webcasts