ap file photoHackers with the loose-knit movement "Anonymous" claimed on Sunday to have stolen a raft of emails and credit card data from U.S.-based security think tank Stratfor

ap file photoHackers with the loose-knit movement "Anonymous" claimed on Sunday to have stolen a raft of emails and credit card data from U.S.-based security think tank Stratfor

'Anonymous' hackers target US security think tank

Hackers with the loose-knit movement “Anonymous” claimed on Sunday to have stolen a raft of emails and credit card data from U.S.-based security think tank Stratfor, promising it was just the start of a weeklong, Christmas-inspired assault on a long list of targets.

Anonymous boasted of stealing Stratfor's confidential client list and mining it for more than 4,000 credit card numbers, passwords and addresses. The real threat appeared posed to individual employees of government agencies and private companies, and one alleged hacker said the goal was to use the credit data to pilfer a million dollars and give it away as Christmas donations.

Images posted claimed to show receipts, and victims confirmed to The Associated Press unauthorized credit card transactions linked to their accounts.

“Not as many as you expected? Worry not, fellow pirates and robin hoods. These are just the “A''s,” read a message posted online that encouraged readers to download a file of the hacked information.

The flood of leaked data started when a Twitter account tied to Anonymous posted a link to what they said was Stratfor's tightly-guarded, confidential client list. Among those on the list: The U.S. Army, the U.S. Air Force and the Miami Police Department.

The rest of the list, which the hacking movement said was a small slice of its 200 gigabytes worth of plunder, included banks, law enforcement agencies, defense contractors and technology firms such as Apple and Microsoft.

“Not so private and secret anymore?” the group taunted in a message on the microblogging site, warning of more mayhem to come.

Austin, Texas-based Stratfor provides political, economic and military analysis to help clients reduce risk, according to a description on its YouTube page. It charges subscribers for its reports and analysis, delivered through the web, emails and videos.

Lt. Col. John Dorrian, public affairs officer for the Air Force, said that “for obvious reasons” the Air Force doesn't discuss specific vulnerabilities, threats or responses to them.

“The Air Force will continue to monitor the situation and, as always, take apporpriate action as necessary to protect Air Force networks and information,” he said in an email.

Miami Police Department spokesman Sgt. Freddie Cruz Jr. said that he could not confirm that the agency was a client of Stratfor, and he said he had not received any information about any security breach involving the police department.

Anonymous said it was able to get the credit details in part because Stratfor didn't bother encrypting them — an easy-to-avoid blunder which, if true, would be a major embarrassment for any security-related company.

Hours after publishing what it claimed was Stratfor's client list, Anonymous tweeted a link to encrypted files online. It said the files contained 4,000 credit cards, passwords and home addresses belonging to individuals on the think tank's private client list.

It also linked to images online that it suggested were receipts for charitable donations made by the group manipulating the credit card data it stole.

“Thank you! Defense Intelligence Agency,” read the text above one image that appeared to show a transaction summary indicating that an agency employee's information was used to donate $250 to a non-profit.

One receipt — to the American Red Cross — had Allen Barr's name on it.

Barr, of Austin, Texas, recently retired from the Texas Department of Banking and said he discovered last Friday that a total of $700 had been spent from his account. Barr, who has spent more than a decade dealing with cybercrime at banks, said five transactions were made in total.

“It was all charities, the Red Cross, CARE, Save the Children. So when the credit card company called my wife she wasn't sure whether I was just donating,” said Barr, who wasn't aware until a reporter with the AP called that his information had been compromised when Stratfor's computers were hacked.

“It made me feel terrible. It made my wife feel terrible. We had to close the account.”

Stratfor said in an email to members that it had suspended its servers and email after learning that its website had been hacked.

“We have reason to believe that the names of our corporate subscribers have been posted on other web sites,” said the email, passed on to The Associated Press by subscribers. “We are diligently investigating the extent to which subscriber information may have been obtained.”

The email, signed by Stratfor Chief Executive George Friedman, said the company is “working closely with law enforcement to identify who is behind the breach.”

“Stratfor's relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me,” Friedman wrote.

Repeated calls to Stratfor went unanswered Sunday and an answering machine thanked callers for contacting the “No. 1 source for global intelligence.” Stratfor's website was down, with a banner saying “site is currently undergoing maintenance.”

Wishing everyone a “Merry LulzXMas” — a nod to its spinoff hacking group Lulz Security — Anonymous also posted a link on Twitter to a site containing the email, phone number and credit number of a U.S. Homeland Security employee.

The employee, Cody Sultenfuss, said he had no warning before his details were posted.

“They took money I did not have,” he told The Associated Press in a series of emails, which did not specify the amount taken. “I think why me? I am not rich.”

One member of the hacking group, who uses the handle AnonymousAbu on Twitter, claimed that more than 90,000 credit cards from law enforcement, the intelligence community and journalists — “corporate/exec accounts of people like Fox” news — had been hacked and used to “steal a million dollars” and make donations.

It was impossible to verify where credit card details were used. Fox News was not on the excerpted list of Stratfor members posted online, but other media organizations including MSNBC and Al Jazeera English appeared in the file.

Anonymous warned it has “enough targets lined up to extend the fun fun fun of LulzXmas through the entire next week.”

The group has previously claimed responsibility for attacks on companies such as Visa, MasterCard and PayPal, as well as others in the music industry and the Church of Scientology.

businessBusiness & Real EstateScience and Technology

Just Posted

San Francisco Giants manager Gabe Kapler, pictured in July at Oracle Park, says team members simultaneously can be “measured and calm” and “looking to push the accelerator.” (Chris Victorio/Special to The Examiner)
How Gabe Kapler sets the tone for Giants’ success with strategy, mindset

‘There’s no doubt in my mind that he’s the hands-down manager of the year’

Artist Agnieszka Pilat, pictured with Spot the Robot Dog from Boston Robotics, has a gallery show opening at Modernism. (Courtesy Agnieszka Pilat)
Screenshots of VCs, Kanye and tech parties by the Bay

In this week’s roundup, Ben Horowitz’s surprising hip-hop knowledge and the chic tech crowd at Shack15

If he secured a full term in the Senate, Newsom would become the most powerful Californian Democrat since Phil Burton at the height of his career, or maybe ever. <ins>(Kevin Hume/The Examiner)</ins>
Firefighters extinguish burning material near Lake Tahoe on Sept. 3 in the wake of the Caldor Fire; environmental scientists say the huge fire is bringing to light deficiencies in forest management. <ins>(Max Whittaker/New York Times)</ins>
Cal Fire, timber industry must face an inconvenient truth

We are logging further into the wildfire and climate crisis

Speaker of the Parliament of Mongolia Gombojav Zandanshatar said his country and San Francisco face similar challenges on issues including COVID recovery and climate change.<ins> (Kevin N. Hume/The Examiner)</ins>
Mongolian leaders meet with tech, film leaders on city tour

‘I really want San Franciscans to meet the new Mongolian generation’

Most Read