Anonymous Plays Robin Hood With Stolen Credit Cards
The hacking collective that goes by the name Anonymous appears to have had a busy Christmas weekend. First came word that that its members had attacked and compromised the servers of the global intelligence think tank Stratfor. (The Stratfor site is currently down for maintenance.) Then Anonymous claimed to have used the stolen credit cards to make charitable donations to aid organizations like CARE and the Red Cross.
Some people claiming to represent Anonymous — the lines and affiliations are always difficult to discern — said that the information taken in the attack included user names and passwords of some Stratfor subscribers, plus another 200 gigabytes worth of other data.
Stratfor founder George Friedman confirmed the attack in an email to subscribers; I received it because I’ve been an intermittent Stratfor subscriber over the years. Here’s Friedman’s email:
Dear Stratfor Member,
We have learned that Stratfor’s web site was hacked by an unauthorized party. As a result of this incident the operation of Stratfor’s servers and email have been suspended.
We have reason to believe that the names of our corporate subscribers have been posted on other web sites. We are diligently investigating the extent to which subscriber information may have been obtained.
Stratfor and I take this incident very seriously. Stratfor’s relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me. We are working closely with law enforcement in their investigation and will assist them with the identification of the individual(s) who are responsible.
Although we are still learning more and the law enforcement investigation is active and ongoing, we wanted to provide you with notice of this incident as quickly as possible. We will keep you updated regarding these matters.
And here’s an update to Stratfor subscribers, from Dec. 25:
Dear Stratfor Member,
On December 24th an unauthorized party disclosed personally identifiable information and related credit card data of some of our members. We have reason to believe that your personal and credit card data could have been included in the information that was illegally obtained and disclosed.
Also publicly released was a list of our members which the unauthorized party claimed to be Stratfor’s “private clients.” Contrary to this assertion the disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications.
We have also retained the services of a leading identity theft protection and monitoring service on behalf of the Stratfor members that have been impacted by these events. Details regarding the services to be provided will be forwarded in a subsequent email that is to be delivered to the impacted members no later than Wednesday, December 28th.
In the interim, precautions that can be taken by you to minimize and prevent the misuse of information which may have been disclosed include the following:
- contact your financial institution and inform them of this incident;
- if you see any unauthorized activity on your accounts promptly notify your financial institution;
- submit a complaint with the Federal Trade Commission (“FTC”) by calling 1-877-ID-THEFT (1-877- 438-4338) or online at https://www.ftccomplaintassistant.gov/; and
- contact the three U.S. credit reporting agencies: Equifax (http://www.equifax.com/ or (800) 685-1111), Experian (http://www.experian.com/ or (888) 397-3742), and TransUnion (http://www.transunion.com/ or (800) 888-4213), to obtain a free credit report from each.
Even if you do not find any suspicious activity on your initial credit reports, the FTC recommends that you check your credit reports periodically. Checking your credit reports can help you spot problems and address them quickly.
To ease any concerns you may have about your personal information going forward, we have also retained an experienced outside consultant that specializes in such security matters to bolster our existing efforts on these issues as we work to better serve you. We are on top of the situation and will continue to be vigilant in our implementation of the latest, and most comprehensive, data security measures.
We are also working to restore access to our website and continuing to work closely with law enforcement regarding these matters. We will continue to update you regarding the status of these matters.
Again, my sincerest apologies for this unfortunate incident.
Then came reports that whoever had taken the information — which included credit card numbers — had used the numbers to make donations in the name of the hacking victims. Here’s a link to what is said to be a screen grab following just such a donation to CARE by an employee of the Defense Intelligence Agency.
While some might applaud the apparent cleverness of Anonymous’s “steal from the rich, give to the poor” attitude, it’s unlikely that the charities in question will ever see a dime of the money that’s been “donated” to them. As Mikko Hypponen of F-Secure pointed out here, once the credit cards in question are reported stolen, the charges will be reversed and the charities will more than likely be on the hook for any fees or penalties that result.
As is often the case with a headline-making attack carried out in the name of Anonymous, there followed a series of claims and counterclaims as to whether or not this was an “official” Anonymous attack, or just the work of someone falsely claiming the Anonymous cloak. There was, for instance, this “emergency press release,” claiming that the attack on Stratfor was “most definitely not the work of Anonymous”:
Following that, Anonymous tweeted, via its semi-official Twitter account @AnonymousIRC, that it “laughed so hard” in response to that message — essentially saying it’s a fake. The group has hinted that it is going to be busy over the next several days.