On Dec. 24th, hacker collective Anonymous stole credit card info and other sensitive data from U.S. security firm Stratfor, but keeping track of who and what are affected by the scandal can be difficult.
We’ve put together a 10-point FAQ for better understanding the major hacking incident, which blew up in the news cycle on Christmas and continues to worry people as more details are released.
1. What is Stratfor?
Stratfor Global Intelligence is an Austin, Tex.-based security “think tank” that releases a daily newsletter concerning security and intelligence matters all over the world. The company’s clients include the Defense Department, Lockheed Martin and Bank of America.
Stratfor claims to provide “non-ideological, independent analysis of international affairs and security threats.” Many companies and U.S. government agencies have supposedly shared sensitive information with Stratfor to receive threat analyses and advice. So far, Anonymous has not released any data besides credit cards, but it could have WikiLeaks-caliber info that could disrupt companies’ operations and, potentially, national security.
2. What is Anonymous?
Anonymous is sometimes described as a “hacker collective,” a group of individuals who hack for a similar purpose. But Anonymous is really a group only in the sense that multiple people use the name to headline their efforts. Anonymous is made up of individuals who hack into computer systems without permission and take data such as communications records, names, addresses, phone numbers, and credit cards. Anonymous members generally have a “greater good” purpose behind their attacks. For instance, in September, members attacked Texas police computer systems and published 3GB of law enforcement logs, which it justified by saying it would shine a light on police corruption. Anonymous has also hacked into the San Francisco BART public transit system and made broad threats against Facebook.
Hacking attacks by Anonymous are generally organized by a small number of people and as word passes from member to member, others hop on board. Check out our interview with one Anonymous member who details the experience from the inside here.
3. What got hacked?
Anonymous hackers broke into web servers of Stratfor and copied 200 gigabytes worth of data. Thus far, it appears that the hackers have details only about Stratfor customers who purchased Stratfor’s newsletter, but the hackers could easily have more than that. Several reports indicate Anonymous will next release more than 3.3 million client e-mails.
An independent analysis by data loss and identity theft prevention service Identity Finder says that, so far, 9,651 active credit cards, 47,680 unique e-mail addresses, 25,680 unique phone numbers and 44,188 encrypted passwords were hacked from the A through M name list. More details will be released in the coming days as Anonymous publishes the N through Z list of names.
Stratfor looks especially bad in this instance because the credit card data was not encrypted, which means it was much easier than usual for Anonymous to steal and crack open. It’s quite the amateur mistake for a so-called “intelligence” firm.
4. What information has Anonymous published?
Using various Twitter accounts, including @AnonymousIRC and @YourAnonNews, and the site Pastebin, Anonymous has published names, credit card numbers, and encrypted password information. None of what has been posted so far jeopardizes companies or government agencies, but that doesn’t mean other types of sensitive data won’t be posted in the near future.
5. If I’m a Stratfor customer, am I at risk? What should I do?
Todd Feinman, Identity Finder’s CEO, said credit card fraud in this incident has already been “well documented.” Back on Dec. 25, Anonymous posted five receipts of donations it had made to charities using stolen cards.
If you are presently a Stratfor customer or have been one in the past, we’d strongly advise you to contact your credit card company and let them know. It’s possible you’ve already been hacked or will be when more data is released by Anonymous. Letting your credit card company know will ensure that it can watch for suspicious activity or change your account information to prevent fraud.
6. How does the U.S. government use Stratfor?
The U.S. government, including the Department of Defense, uses Stratfor for impartial intelligence and analysis reports of incidents happening around the world. The government has likely shared sensitive data with Stratfor to gain a third-party perspective on its military and diplomatic engagements. It is unclear how much data the government has shared with Stratfor, but it is one of the firm’s many clients.
7. Does this put government data or military operations at risk?
So far, nothing that has been released that will compromise military operations or national security. Stolen credit cards will cause headaches for a lot of people but not endanger them.
However, if Anonymous releases the 3.3 million client e-mails it claims to have, there’s no telling the damage it could cause. When companies and governments provide off-the-record information to Stratfor, they could easily be issuing confidential data. Anonymous has said it is now in possession of a “smoking gun for a number of crimes,” but we will see in the next days if they are just spouting hot air or have something substantial.
8. What will happen to the charities that Anonymous “donated” money to using fraudulent credit card numbers?
Anonymous claims to have donated $500,000 in stolen cash so far to charities. Unfortunately, because it’s stolen money, the credit card companies will take back the money and could make charities pay a small fee per unauthorized trasaction. (Hopefully they won’t.) Mikko Hypponen, chief research officer at F-Secure, explains further:
These anonymous donations will never reach the ones in need. And in fact, these actions will just end up hurting the charities, not helping them.
When credit card owners see unauthorized charges on their cards, they report them to their bank or credit card company. Credit card companies will do a chargeback to the charities, which will have to return the money. In some cases, charities could be hit with with penalties. At the very least, they will lose time and money in handling the chargebacks.
9. Where can I follow up-to-the-minute updates about the Stratfor hack?
Members of Anonymous continue to post Stratfor information via Anonymous’ Twitter accounts, including @AnonymousIRC and @YourAnonNews. At present, those accounts also are heavily attacking the SOPA legislation in the U.S. Congress.
And of course, we will do our best to keep you up to date on the Stratfor incident as more information leaks to the web.
10. What can we expect to come next?
Anonymous has thus far published the credit card numbers of Stratfor customers starting with the letter A an ending with M, and it still plans on publishing customers N through Z. It also plans to release the aforementioned client e-mails to shed “some light on just how clueless this company really is when it comes to database security.” These e-mail spools may have already hit the web, but preliminarily through the “darknet” or a network originally intended for those who want extra privacy. Those who want to read the exchanges through the “darknet” need special permissions to gain access.
Meghan Kelly contributed to this article.
Guy Fawkes photo via pittaya
Filed under: Security
