Hacker collective Anonymous has just dumped 200 GB of names, email addresses and passwords for around 860,000 Stratfor users. Anonymous also exposed credit card numbers for 75,000 paying customers of Stratfor.
Stratfor, a highly trusted source of international intelligence, provides reports on international security and related threats to government and military personnel as well as to the private sector.
It is unknown whether Anonymous gained access to other, more sensitive information during the Stratfor hacks, which occurred on December 24.
“The time for talk is over,” Anonymous wrote last night on Pastebin.
“It’s time to dump the full 75,000 names, addresses, CCs and md5 hashed passwords to every customer that has ever paid Stratfor. But that’s not all: we’re also dumping ~860,000 usernames, email addresses, and md5 hashed passwords for everyone who’s ever registered on Stratfor’s site… Did you notice 50,000 of these email addresses are .mil and .gov?”
Anonymous’ motives for the attack are also somewhat hazy. In last night’s statement, representatives of the movement wrote, “All our lives we have been robbed blindly and brutalized by corrupted politicians, establishmentarians and government agencies sex shops, and now it’s time to take it back.”
In addition to the Stratfor attack and exposure, Anonymous is threatening a new action on New Year’s Eve, December 31.
In addition to “noise demonstrations” outside of jails and prisons, ostensibly to show solidarity and support for the incarcerated, Anonymous says it will unveil “our contributions to project mayhem by attacking multiple law enforcement targets from coast to coast.”
Project Mayhem, a name nabbed from the book and film Fight Club, alludes to the group’s desire to topple (or at least shake up) systems of capitalistic and political power by exposing certain types of information by or on December 12, 2012.
Stratfor’s site has been offline since December 24, and the firm has delayed its website relaunch in order to review its security.
“As part of our ongoing investigation, we have also decided to delay the launching of our website until a thorough review and adjustment by outside experts can be completed,” the company said in an email to VentureBeat earlier this week.
For a detailed account of what happened during the Stratfor hack and what it means, see our 10-part FAQ on Anonymous and Stratfor.
You can't solo security COVID-19 game security report: Learn the latest attack trends in gaming. Access here