Hacked Stratfor security think tank keeps site offline
- 8 March 2012
- From the section Technology
Hacked US security firm Stratfor has told its subscribers that it may take a week or even longer to restore its website.
The site went offline on 24 December.
Hackers have posted credit card details, email addresses, phone numbers and encrypted passwords which they said were taken during the attack.
Stratfor has said it will pay for a credit card fraud protection service for members whose payment details might have been compromised by the breach.
Tweets posted on accounts linked to the hacktivist group Anonymous said that the US Department of Defense, the defence firm Lockheed Martin and Bank of America were among Stratfor's clients.
Arecent message posted by @YourAnonNewsadded that other parties affected by the hack included Google, American Express, Coca-Cola, Boeing, Sony, Microsoft and the mining group BHP Billiton.
An email from Stratfor to its subscribers said: "At our expense, we have taken measures to provide our members whose credit card information may have been compromised with access to CSID, a leading provider of global identity protection and fraud detection solutions and technologies.
"We have arranged to provide one year of CSID's coverage to such members at no cost.
"As part of our ongoing investigation, we have also decided to delay the launching of our website until a thorough review and adjustment by outside experts can be completed."
The identity theft prevention service Identity Finder has carried out its ownanalysis of details posted onlineabout hacked clients whose names fell between A and M. It suggested that the attack netted:
- 9,651 unexpired credit card numbers
- 47,680 unique email addresses
- 25,680 unique telephone numbers
- 44,188 encrypted passwords of which roughly half could be "easily cracked"
This list is expected to grow if the hackers publish details of the N to Z list.
A tweetposted to the account @AnonymousIRCon 25 December claimed that $1m (£650,000) had been taken from the hacked accounts and had been given to charity.
Participants in Anonymous have subsequently posted screenshots which allegedly show money being transferred to the charities Red Cross, Save the Children and Care.
The organisations will have to return the money if credit card owners report the charges as being unauthorised. Some supporters of the Anonymous movement have also expressed concern that the charities could theoretically be charged a fee for the return of the transactions.
Anonymous Twitter accounts have also hinted that the hackers planned torelease details of emails harvested in the breach, adding that "Stratfor is not the 'harmless company' it tries to paint itself as.
Stratfor could not be reached for comment. However a video posted by Fred Burton, its vice president of intelligence, to YouTubepromised to provide updates"as more details become available" and offered details about the credit card protection scheme.