Anonymous Hacks Stratfor, Leaked Credit Card Information Used to Donate to Charities (Updated)

A massive quantity of information was obtained by members of Anonymous after they managed to breach the protection measures implemented by security intelligence firm Stratfor. The hacktivists claim that the credit card information obtained was used to make donations to different charities.

The whole operation began on December 24 when a couple of Pastebin files revealed some email samples obtained from the company’s servers, along with 22,640 usernames and clear text passwords belonging to their customers.

After the incident was discovered, George Friedman, Stratfor’s CEO wrote a statement to their clients in which he confirmed that “an unauthorized party” hacked their website, leading to the suspension of servers and email services.

“We have reason to believe that the names of our corporate subscribers have been posted on other web sites. We are diligently investigating the extent to which subscriber information may have been obtained,” he said.

The next day, on December 25, more information was published by the hackers to prove that indeed they managed to take over the organization’s servers. Stratfor’s A client list, 4,000 credit cards and md5 passwords were posted online.

On the same day, a fake press release amazed everyone after it claimed that Anonymous had nothing to do with the hacking operation.

“Whether this is the work of malicious counter-intelligence, some butthurt pacifists, or stratfor employees themselves is unknown. Unfortunately, some main stream news agencies have picked up on this statement, looking for any reason to highlight and exploit any potential ‘inner divisions’ within Anonymous,” the hacktivists said.

After that, emails, passwords, IT work tickets and other data, in total adding up to a few hundred gigabytes, flooded the Internet.

While the hackers thanked Stratfor employees for storing their customers’ data in clear text, making their work easier and allowing them to make over $1 million (700,000 EUR) in donations, F-Secure’s Mikko Hypponen stated that, most probably, the donations “will never reach the ones in need.”

“When credit card owners see unauthorized charges on their cards, they will report them to their bank or credit card company. Credit card companies will do a chargeback to the charities, which will have to return the money. In some cases, charities could be hit with with penalties. At the very least, they will lose time and money in handling chargebacks,” he wrote.

Update. From a YourAnonNews tweet we find out what the hackers managed to obtain 860,000 usernames, details from 75,000 credit cards and more than 2.5 million emails from Stratfor.