Stratfor, a think tank that, ironically, focuses on international security issues, is downplaying the damage from a weekend data breach, saying that the Anonymous-led hack did not include access to a “private client” list.
The loosely organized hacker collective known as Anonymous said that when it broke into think tank Stratfor’s computers, not only did it make off with thousands of credit card numbers, passwords, and other personal information, it also acquired Stratfor’s confidential client list. Included in that list would be sensitive information about Stratfor’s high-profile clients, such as the U.S. Air Force, the Miami Police Department, and even Apple.
Anonymous prompted comparisons to “Robin Hood” when it said it would use the information to make $1 million worth of donations to various charities. On its Facebook page, however, Stratfor said Sunday that the hackers did not access the “private clients” list. The post said,
“Contrary to this assertion the disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications.”
That said, Stratfor indicated that some individuals who have come out in support of the company since the hack was acknowledged may face reprisals from Anonymous. Once again using Facebook, Stratfor said,
“It’s come to our attention that our members who are speaking out in support of us on Facebook may be being targeted for doing so and are at risk of having sensitive information repeatedly published on other Web sites. So, in order to protect yourselves, we recommend taking security precautions when speaking out on Facebook or abstaining from it altogether.”
Meanwhile, security analyst Mikko Hypponen warned in a blog post that, Robin Hood comparisons aside, any funds from stolen credit card numbers will never reach any charities, or if they do, will have to be returned:
“At the first glance, actions like this look a bit like the actions of Robin Hood—steal from the rich, give to the poor. But unfortunately, in this case the poor won’t get a dime,” Hypponen wrote. “These anonymous donations will never reach the ones in need. And in fact, these actions will just end up hurting the charities, not helping them. At the very least, they will lose time and money in handling the chargebacks.”
A chargeback can occur for a number of reasons, one of which could be a fraudulent charge to an account. When that occurs, the entity that has to return the funds has to pay a chargeback fee.
On Wednesday morning, Stratfor’s website was still offline.