News

Identity Theft Threat Looms Large After Recent Anonymous Stratfor Hack

Members of the Army Knowledge Online portal are being warned that their personal information may be at risk due to the recent hack of intelligence analysis company Strategic Forecasting by the online group Anonymous.

The hack over Christmas weekend netted information on hundreds of thousands of accounts, including e-mail addresses and thousands of credit card numbers that Anonymous later posted online.

AKO is warning users about the possibility of identify theft as a result of the hack and is asking anyone who had registered with Stratfor to monitor their credit card statements, change online passwords and report any evidence of fraud to the Army's Criminal Investigative Command, Stars and Stripes reported.

Stratfor, which gathers and supplies security-related intelligence reports to a variety of clients, including the Defense Department and contractor Lockheed Martin, has been known for its secrecy and its confidential client list, according to an entry on Wikipedia.

However, Anonymous has said the hack was relatively easy because the credit card data it took was not encrypted, the Wall Street Journal reported.

Cameron Camp of the ESET Threat Blog also noted that hackers used a dictionary attack to crack passwords, finding passwords such as "password" and "password1."

Among the data published on the Web was information on former Vice President Dan Quayle, former Secretary of State Henry Kissinger and former CIA Director Jim Woolsey. As many as 860,000 accounts may have been exposed, including information on individuals who are no longer active clients of the company. Organizations on Anonymous' list include the Army and Air Force; the Energy, Justice and Treasury departments; the Miami Police Department; Apple; and several other defense contractors.

Stratfor has taken its Web site offline, except for a notice on its homepage referring to the attack and saying the company was performing a security review before restoring its site. Meanwhile, it is issuing updates via its Facebook page and Twitter feed.

An Anonymous posting has said the attack was a response to the pending court-martial of Army Pfc. Bradley Manning, who is accused of giving classified information to the WikiLeaks Web site. The hacker group has threatened to release more information from the breach and on its Twitter feed has suggested that more hacks are forthcoming.

Another goal of the Stratfor attack, according to one hacker, was to use the stolen credit card data to make holiday donations to charities, and several clients have reported those kinds of transactions, the Journal reported.

Allen Barr, who had dealt with bank-related cyber crime for the Texas Department of Banking before retiring recently, told the Journal that $700 had been charged to his credit card account in donations to charities such as the Red Cross and CARE.

Card holders who suspect fraud can challenge the charges and contact one of the three main credit bureaus to submit a fraud alert, the Army's warning notes. 

About the Author

Kevin McCaney is the managing editor of Government Computer News.

Featured

  • Microsoft and SAP Enhance Partnership with Teams Integration

    Microsoft and SAP this week described continuing partnership efforts on Microsoft Azure, while also planning a Microsoft Teams integration with SAP's enterprise resource planning product and other solutions.

  • Blue Squares Graphic

    Microsoft Previews Azure IoT Edge for Linux on Windows

    Microsoft announced a preview of Azure IoT Edge for Linux on Windows, which lets organizations tap Linux virtual machine processes that also work with Windows- and Azure-based processes and services.

  • How To Automate Tasks in Azure SQL Database

    Knowing how to automate tasks in the cloud will make you a more productive DBA. Here are the key concepts to understand about cloud scripting and a rundown of the best tools for automating code in Azure.

  • Microsoft Open License To End Next Year for Government and Education Groups

    Microsoft's "Open License program" will end on Jan. 1, 2022, and not just for commercial customers, but also for government, education and nonprofit organizations.

comments powered by Disqus