Hacking group releases more Stratfor subscriber data
The data dump includes 75,000 names and addresses of subscribers to the analysis service
IDG News Service - Hackers released another batch of data on Thursday pilfered from Stratfor Global Intelligence, a widely used research and analysis company whose website was attacked last weekend.
The data purports to be the names and credit-card numbers of people who have purchased research from Stratfor plus hundreds of thousands of user names and e-mail addresses used to register with the website.
The hackers, believed to be part of the Anonymous movement, described the data on Pastebin, then provided several links to websites hosting the information. They noted that some 50,000 of the e-mail addresses released end in ".mil" or ".gov."
The data comprises 75,000 names, credit card numbers and MD5 hashes, or cryptographic representations, of passwords for people who have paid Stratfor for research. The group also said the data contains 860,000 user names, e-mail addresses and MD5 hashes for passwords for anyone who has registered on Stratfor's website.
Stratfor said on Thursday that it was offering a free one-year subscription to an identity protection service to those affected.
Stratfor's CEO, George Friedman, wrote on the company's Facebook page on Monday that the intrusion revealed the names of some corporate subscribers along with personal and credit card data.
A first batch of data was released by hackers shortly after the breach. Stratfor denied the hackers' claim that data was a list of "private clients" but rather a list of members who may have purchased a publication.
Barrett Brown, a de facto spokesman for Anonymous, wrote on Pastebin on Monday that the hacking wasn't aimed at stealing credit card numbers but rather 2.7 million internal e-mails.
"This wealth of data includes correspondence with untold thousands of contacts who have spoken to Stratfor's employees off the record over more than a decade," Brown wrote. "Many of those contacts work for major corporations within the intelligence and military contracting sectors, government agencies and other institutions."
Those e-mails have yet to be released and could present another headache for Stratfor. The company's website was still down as of Friday, and officials could not be immediately reached by phone.
Send news tips and comments to email@example.com
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts