Confidential client list safe from Anonymous, says hacker target

The magnitude of a Christmas Eve attack on Stratfor appears exaggerated by the data bandits.

By John P. Mello Jr., PC World |  Security, anonymous, data breach

The damage from a weekend data breach at a think tank on international security issues appears to have been inflated by the assault's perpetrators, the hacker collective known as Anonymous.

After Anonymous ransacked think tank Stratfor's computers and stole away thousands of credit card numbers and other personal information, it claimed to have also clipped the company's confidential client list. That list contains sensitive information about Stratfor's high profile clients, such as Apple, the U.S. Air Force, and the Miami Police Department.

However, Stratfor denies that Anonymous got the think tank's family jewels. "Contrary to this assertion the disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications," the firm says in an e-mail to its members dated December 25.

Stratfor adds that it had hired an identity theft and monitoring service to assist its members affected by the data breach. Further details on those services will be released to affected members later this week, it says.

On Monday morning, Stratfor's website was offline. Visitors to the location are being greeted to an "undergoing maintenance" screen.

So far, two lists of credit card details have been published to the Internet by Anonymous members, one containing 3956 items, the other with 13,191 items. Some of those numbers have apparently been used to donate large sums of money to charitable organizations such as the American Red Cross and CARE.

While to some it may appear that Anonymous is acting as an Information Age Robin Hood, it may not be doing anyone any favors by ringing up unauthorized charges on other people's credit cards. "These donations will never reach the ones in need," writes security guru Mikko Hypponen at F-Secure. "In fact, these actions will just end up hurting the charities, not helping them."

"When credit card owners see unauthorized charges on their cards, they will report them to their bank or credit card company," he explains. "Credit card companies will do a chargeback to the charities, which will have to return the money. In some cases, charities could be hit with penalties. At the very least, they will lose time and money in handling chargebacks."


Originally published on PC World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

SecurityWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness