Stratfor Relaunches Site as CEO Apologizes for Data Breach

Stratfor is officially back online, although its offer of free access seems to have overburdened its servers. In an email, Stratfor CEO criticized the attackers for targeting them.

Stratfor, also known as Strategic Forecasting, is finally back online after a cyber-attack shut down the site last month.

Stratfor relaunched its newly designed site on Jan. 11, 18 days after a group of individuals claiming to be affiliated with the hacktivist collective Anonymous struck its servers on Dec. 24. The attackers breached Stratfor's servers and stole information related to its subscribers and also defaced the site. The data, including 75,000 credit card numbers and 860,000 usernames and passwords, were dumped online. Nearly 50,000 of those addresses had a .mil or .gov domain.

Shortly after the incident, Stratfor said it was going to delay relaunching the site to bring in a team of consultants and experts to address the underlying security issues and secure the environment. It decided to move all credit card management activities to a third-party company to better protect that type of customer data.

"This was our failure," George Friedman, CEO of Stratfor, said in a message to subscribers, as reported byThe Hacker News. "I take responsibility. I deeply regret that this occurred and created hardship for our customers and friends."

Friedman also revealed that the company had been targeted multiple times and had known for some time about the credit card theft. Friedman was first alerted to the theft in early December, weeks before the attackers publicized the incident on Twitter and Pastebin, he said. He said he didn't disclose the breach immediately because the FBI said there was an ongoing investigation and asked for cooperation.

"I felt bound to protect our customers, who quickly had to be informed about the compromise of their privacy. I also felt bound to protect the investigation," Friedman said. The FBI had informed credit card companies of the breach and had provided a list of compromised cards, so "our customers were therefore protected," he said, adding, "We were not compelled to undermine the investigation."

Stratfor had failed to encrypt credit card data in its database, storing it in cleartext. Analysis of the passwords that had been stolen and dumped revealed some lax security practices, such as not enforcing its own password rules on users when they were creating passwords.

The theft of emails, Website defacement and destruction of four servers occurred on Christmas Eve as a separate attack, according to Friedman. "This attack was clearly designed to silence us by destroying our records and the website," he wrote.

However, Friedman criticized some of the misperceptions that emerged after the attack about what Stratfor does and does not do. There was no distinction made between subscribers, individuals and organizations who purchase publications and clients, who may request customized work, creating the impression that Stratfor received classified intelligence from corporate and government "clients," Friedman said.

"We were no longer an organization that analyzed the world for the interested public, but rather a group of incompetents, and conversely, the hub of a global conspiracy," Friedman said. He said news reports focused on the "incompetents" part while the hacking community focused on the "global conspiracy" part.

The culprits behind the attack had justified their actions by claiming that Stratfor received classified data from governments. "At the core of our business, we objectively acquire, organize, analyze and distribute information," Friedman countered.

"It is interesting that the hacker community is split, with someone claiming to speak for the official Anonymous condemning the hack as an attack on the media, which they don't sanction and another faction defending it as an attack on the rich and powerful," Friedman wrote.

With the relaunch, Stratfor decided to make the site free to all visitors for a limited time.

However, that seems to have backfired as the Website has been down for most of the day.

"Due to the high volume of interest in our new website, we are currently encountering a service interruption. We are working with outside experts to increase our capacity to handle the increased traffic to the new website," according to a message posted at