26-12-2011, 05:15 AM
And, found at http://cryptome.org/0005/stratfor-hack.htm :
25 December 2011. A message allegedly to subscribers from George Friedman, Stratfor, was posted to Facebook and Pastebin (below).
25 December 2011. Another paste today with firm names and "B-By" through "C-Cz" client first names and personal information (including credit cards and passwords):
25 December 2011. A paste today denying Anonymous role:
Also today, a file, "stratfor_full_a.txt.gz." And five images of credit card donations:
24 December 2011
STRATFOR Hacked
Related:[/url]
A sends:
Subject: Important Announcement from STRATFOR
Date: Sat, 24 Dec 2011 19:49:58 -0500
From: STRATFOR <mail[at]response.stratfor.com>
Dear Stratfor Member,
We have learned that Stratfor's web site was hacked by an unauthorized party. As a result of this incident the operation of Stratfor's servers and email have been suspended.
We have reason to believe that the names of our corporate subscribers have been posed [sic] on other web sites. We are diligently investigating the extent to which subscriber information may have been obtained.
Stratfor and I take this incident very seriously. Stratfor's relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me. We are working closely with law enforcement in their investigation and will assist them with the identification of the individual(s) who are responsible.
Although we are still learning more and the law enforcement investigation is active and ongoing, we wanted to provide you with notice of this incident as quickly as possible. We will keep you updated regarding these matters.
Sincerely,
George Friedman
STRATFOR
221 W. 6th Street, Suite 400
Austin, TX 78701 US
[url=http://www.stratfor.com/]www.stratfor.com
http://www.facebook.com/stratfor
http://pastebin.com/6a86QSMM
Dec 25th, 2011
On December 24th an unauthorized party disclosed personally identifiable information and related credit card data of some of our members. We have reason to believe that your personal and credit card data could have been included in the information that was illegally obtained and disclosed.
Also publicly released was a list of our members which the unauthorized party claimed to be Stratfor's "private clients." Contrary to this assertion the disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications.
We have also retained the services of a leading identity theft protection and monitoring service on behalf of the Stratfor members that have been impacted by these events. Details regarding the services to be provided will be forwarded in a subsequent email that is to be delivered to the impacted members no later than Wednesday, December 28th.
In the interim, precautions that can be taken by you to minimize and prevent the misuse of information which may have been disclosed include the following:
- contact your financial institution and inform them of this incident;
- if you see any unauthorized activity on your accounts promptly notify your financial institution;
- submit a complaint with the Federal Trade Commission ("FTC") by calling 1-877-ID-THEFT (1-877- 438-4338) or online athttps://www.ftccomplaintassistant.gov/; and
- contact the three U.S. credit reporting agencies: Equifax (http://www.equifax.com/ or (800) 685-1111), Experian (http://www.experian.com/or (888) 397-3742), and TransUnion (http://www.transunion.com/ or (800) 888-4213), to obtain a free credit report from each.
Even if you do not find any suspicious activity on your initial credit reports, the FTC recommends that you check your credit reports periodically. Checking your credit reports can help you spot problems and address them quickly.
To ease any concerns you may have about your personal information going forward, we have also retained an experienced outside consultant that specializes in such security matters to bolster our existing efforts on these issues as we work to better serve you. We are on top of the situation and will continue to be vigilant in our implementation of the latest, and most comprehensive, data security measures.
We are also working to restore access to our website and continuing to work closely with law enforcement regarding these matters. We will continue to update you regarding the status of these matters.
Again, my sincerest apologies for this unfortunate incident.
Sincerely,
George Friedman
25 December 2011. A message allegedly to subscribers from George Friedman, Stratfor, was posted to Facebook and Pastebin (below).
25 December 2011. Another paste today with firm names and "B-By" through "C-Cz" client first names and personal information (including credit cards and passwords):
25 December 2011. A paste today denying Anonymous role:
Also today, a file, "stratfor_full_a.txt.gz." And five images of credit card donations:
The "stratfor_full_a.txt.gz" file contains firm names and personal information (including credit card) for first names beginning with "A" through "Az." Paste quote:
And, Stratfor's A client list of passwords:Attached are ~4000 credit cards, md5 passwords, and home addresses to just a few of Stratfor's "private client list". Not as many as you expected? Worry not, fellow pirates and robin hoods. These are just the "A"s.
24 December 2011
STRATFOR Hacked
Related:[/url]
A sends:
Subject: Important Announcement from STRATFOR
Date: Sat, 24 Dec 2011 19:49:58 -0500
From: STRATFOR <mail[at]response.stratfor.com>
Dear Stratfor Member,
We have learned that Stratfor's web site was hacked by an unauthorized party. As a result of this incident the operation of Stratfor's servers and email have been suspended.
We have reason to believe that the names of our corporate subscribers have been posed [sic] on other web sites. We are diligently investigating the extent to which subscriber information may have been obtained.
Stratfor and I take this incident very seriously. Stratfor's relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me. We are working closely with law enforcement in their investigation and will assist them with the identification of the individual(s) who are responsible.
Although we are still learning more and the law enforcement investigation is active and ongoing, we wanted to provide you with notice of this incident as quickly as possible. We will keep you updated regarding these matters.
Sincerely,
George Friedman
STRATFOR
221 W. 6th Street, Suite 400
Austin, TX 78701 US
[url=http://www.stratfor.com/]www.stratfor.com
http://www.facebook.com/stratfor
http://pastebin.com/6a86QSMM
Dec 25th, 2011
On December 24th an unauthorized party disclosed personally identifiable information and related credit card data of some of our members. We have reason to believe that your personal and credit card data could have been included in the information that was illegally obtained and disclosed.
Also publicly released was a list of our members which the unauthorized party claimed to be Stratfor's "private clients." Contrary to this assertion the disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications.
We have also retained the services of a leading identity theft protection and monitoring service on behalf of the Stratfor members that have been impacted by these events. Details regarding the services to be provided will be forwarded in a subsequent email that is to be delivered to the impacted members no later than Wednesday, December 28th.
In the interim, precautions that can be taken by you to minimize and prevent the misuse of information which may have been disclosed include the following:
- contact your financial institution and inform them of this incident;
- if you see any unauthorized activity on your accounts promptly notify your financial institution;
- submit a complaint with the Federal Trade Commission ("FTC") by calling 1-877-ID-THEFT (1-877- 438-4338) or online athttps://www.ftccomplaintassistant.gov/; and
- contact the three U.S. credit reporting agencies: Equifax (http://www.equifax.com/ or (800) 685-1111), Experian (http://www.experian.com/or (888) 397-3742), and TransUnion (http://www.transunion.com/ or (800) 888-4213), to obtain a free credit report from each.
Even if you do not find any suspicious activity on your initial credit reports, the FTC recommends that you check your credit reports periodically. Checking your credit reports can help you spot problems and address them quickly.
To ease any concerns you may have about your personal information going forward, we have also retained an experienced outside consultant that specializes in such security matters to bolster our existing efforts on these issues as we work to better serve you. We are on top of the situation and will continue to be vigilant in our implementation of the latest, and most comprehensive, data security measures.
We are also working to restore access to our website and continuing to work closely with law enforcement regarding these matters. We will continue to update you regarding the status of these matters.
Again, my sincerest apologies for this unfortunate incident.
Sincerely,
George Friedman
"Where is the intersection between the world's deep hunger and your deep gladness?"