STRATFOR Hacked Update 7
27 February 2012. Anonymous allegedly releases "5 million" (not substantiated)
Stratfor emails through WikiLeaks:
John Young @Cryptomeorg
@AnonymousIRC @wikileaks Great show! Will the full raw emails be released
as promised by Anonymous to legitimate media-ized spoon-feeding?
Summary of releases of STRATFOR documents, subscribers' firm names and personal
information (including addresses, telephone numbers, credit card numbers
and passwords), latest release at top:
STRATFOR Hacked Update 6
30 December 2011. A writes that five Pastebin posts of recovered STRATFOR
passwords have been removed as indicated below. In addition, four files from
sources have been removed from Rapid Share (1) and Wikisend (3).
29 December 2011.
Lulzxmas Dumps 860,000 STRATFOR Accounts:
28 December 2011.
Prepping for the Stratfor 5M Email Release
27 December 2011.
These are 28517 of 53281 (54%) passwords from the list of STRATFOR customer
26 December 2011. Firms and personal first names beginning with "D" through
"My" (~ 30,000).
https://rapidshare.com/#!download|44tl6|2444489251|STRATFOR_full_d_m.txt.gz|3255| [Now removed]
And 25,000 IT work tickets:
26 December 2011. Sample Stratfor.com email:
"just a small preview of the mayhem to come. 1 out of 2.7 million"
26 December 2011. STRATFOR leaked accounts (10257 passwords recovered)
25 December 2011. Firms and personal miscellaneous names not in alphabetical
25 December 2011. Firms and personal first names beginning with "B-By" through
"C-Cz" (~4,000) :
25 December 2011. Firms and personal first names beginning with "A" through
"Az" (~ 4,000).
25 December 2011. A message allegedly to subscribers from George Friedman,
Stratfor, was posted to Facebook and Pastebin
25 December 2011. A paste today denying Anonymous role:
And, Stratfor's A client list of passwords:
24 December 2011
Subject: Important Announcement from STRATFOR
Date: Sat, 24 Dec 2011 19:49:58 -0500
From: STRATFOR <mail[at]response.stratfor.com>
Dear Stratfor Member,
We have learned that Stratfor's web site was hacked by an unauthorized party.
As a result of this incident the operation of Stratfor's servers and email
have been suspended.
We have reason to believe that the names of our corporate subscribers have
been posed [sic] on other web sites. We are diligently investigating the
extent to which subscriber information may have been obtained.
Stratfor and I take this incident very seriously. Stratfor's relationship
with its members and, in particular, the confidentiality of their subscriber
information, are very important to Stratfor and me. We are working closely
with law enforcement in their investigation and will assist them with the
identification of the individual(s) who are responsible.
Although we are still learning more and the law enforcement investigation
is active and ongoing, we wanted to provide you with notice of this incident
as quickly as possible. We will keep you updated regarding these matters.
221 W. 6th Street, Suite 400
Austin, TX 78701 US
Dec 25th, 2011
On December 24th an unauthorized party disclosed personally identifiable
information and related credit card data of some of our members. We have
reason to believe that your personal and credit card data could have been
included in the information that was illegally obtained and disclosed.
Also publicly released was a list of our members which the unauthorized party
claimed to be Stratfor's "private clients." Contrary to this assertion the
disclosure was merely a list of some of the members that have purchased our
publications and does not comprise a list of individuals or entities that
have a relationship with Stratfor beyond their purchase of our subscription-based
We have also retained the services of a leading identity theft protection
and monitoring service on behalf of the Stratfor members that have been impacted
by these events. Details regarding the services to be provided will be forwarded
in a subsequent email that is to be delivered to the impacted members no
later than Wednesday, December 28th.
In the interim, precautions that can be taken by you to minimize and prevent
the misuse of information which may have been disclosed include the following:
- contact your financial institution and inform them of this incident;
- if you see any unauthorized activity on your accounts promptly notify your
- submit a complaint with the Federal Trade Commission ("FTC") by calling
1-877-ID-THEFT (1-877- 438-4338) or online at
- contact the three U.S. credit reporting agencies: Equifax
(http://www.equifax.com/ or (800)
(http://www.experian.com/ or (888)
397-3742), and TransUnion
(http://www.transunion.com/ or (800)
888-4213), to obtain a free credit report from each.
Even if you do not find any suspicious activity on your initial credit reports,
the FTC recommends that you check your credit reports periodically. Checking
your credit reports can help you spot problems and address them quickly.
To ease any concerns you may have about your personal information going forward,
we have also retained an experienced outside consultant that specializes
in such security matters to bolster our existing efforts on these issues
as we work to better serve you. We are on top of the situation and will continue
to be vigilant in our implementation of the latest, and most comprehensive,
data security measures.
We are also working to restore access to our website and continuing to work
closely with law enforcement regarding these matters. We will continue to
update you regarding the status of these matters.
Again, my sincerest apologies for this unfortunate incident.