STRATFOR Global Intelligence Data Loss, Site Defaced

2011-12-24

http://zone-h.org/mirror/id/16416728


Global Intelligence company STRATFOR (Strategic Forecasting, Inc.) had its site defaced, and list of corporate members leaked to pastebin. While the defacement claimed to have "rm'ed" the server, STRATFOR e-mailed its members stating that they are suspending their operations while the compromise is being investigated. A mirror of the defacement is available at zone-h. A chronology and additional details of the breach has been published on zerohedge.com.

Dear Stratfor Member, 

We have learned that Stratfor's web site was hacked by an unauthorized 
party. As a result of this incident the operation of Stratfor's servers 
and email have been suspended. 

We have reason to believe that the names of our corporate subscribers 
have been posted on other web sites. We are diligently investigating 
the extent to which subscriber information may have been obtained. 

Stratfor and I take this incident very seriously. Stratfor's relationship 
with its members and, in particular, the confidentiality of their 
subscriber information, are very important to Stratfor and me. We are 
working closely with law enforcement in their investigation and will 
assist them with the identification of the individual(s) who are responsible. 

Although we are still learning more and the law enforcement investigation 
is active and ongoing, we wanted to provide you with notice of this incident 
as quickly as possible. We will keep you updated regarding these matters. 

Sincerely, 

George Friedman

In their latest statement, Stratfor says "To ease any concerns you may have about your personal information going forward, we have also retained an experienced outside consultant that specializes in such security matters to bolster our existing efforts on these issues as we work to better serve you. We are on top of the situation and will continue to be vigilant in our implementation of the latest, and most comprehensive, data security measures." This sudden concern with security measures and protecting member personal information is rather interesting, considering their own Terms of Service (available via Google cache only at the moment) requires members wishing to cancel their subscription to send an e-mail including their username and password - something any half-competent security professional would know to be a terrible idea.

5.2 To cancel your Individual License, you may call our Customer Services 
Department at 1-877-978-7284 from within the United States and Canada or 
at +1-512-744-4300, option 2 from outside the United States and Canada, 
or send an e-mail request with the subject line "Subscription Cancellation 
Request" to service@stratfor.com. Please be sure to provide your name, address,
 phone number, e-mail address, user name and password for authentication, and 
the reason you want to cancel. Cancellations are processed upon receipt of 
the cancellation request. Upon cancellation, all fees and charges are 
nonrefundable. However, if a user requests cancellation of an Individual 
License with at least an annual term within thirty (30) days following its 
automatic renewal date (see Section 5.1), such request will be honored.

Cryptome is keeping an updated timeline of information that has been posted to Pastebin so far. This includes links to pastebins for a planned release of a large number of internal Stratfor e-mails. There are a variety of reports on the actual number of e-mails that will be included in the release - ">2.5 million, 2.7 million, 3.3 million, or 5 million. The 2.7 million number is referenced in a pastebin dump of 1 sample e-mail, which may make that the most accurate number.


main page ATTRITION feedback