The loosely-associated band of hackers known as Anonymous claims to have targeted the global intelligence think tank Strategic Forecasting, known as Stratfor, boasting on the microblogging site Twitter that personal information, including credit card numbers, belonging to Stratfor clients had been stolen. As of Monday morning, Stratfor’s Website was down, with a placeholder page saying the site was undergoing maintenance and asking visitors to “check back soon.”
Following the breach, hackers posted the details of the information on the information-sharing site Pastebin. In an email obtained by Reuters Sunday, Stratfor acknowledged an unauthorized breach. “As a result of this incident, the operation of Stratfor’s servers and email have been suspended,” the company wrote. Stratfor also issued an email to its members, which was obtained by the Associated Press, warning that some names and personal information would wind up on other sites.
“We are diligently investigating the extent to which subscriber information may have been obtained,” read the letter, signed by company CEO George Friedman. “Stratfor’s relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me.”
Anonymous has defaced and shut down Websites belonging to the music industry, companies that severed ties with WikiLeaks and various government agencies. The FBI and international law-enforcement agencies have been investigating the attacks and making arrests for the past few months. The Department of Homeland Security has begun to take Anonymous and other non-professional cyber-attackers more seriously as it issued warnings about potential attacks earlier this year.
In September, Obama administration officials spoke about the need for increased penalties for computer crimes in light of increased data breaches and hacking activity. The increase in computer crime, including Anonymous-led distributed denial-of-service attacks, Website attacks where data is stolen and general online mayhem, has led the White House to call for an increase in criminal penalties for computer crimes.
Online attacks have become more serious as attackers target sensitive personal data and corporate secrets and undermine infrastructure security. However, the penalties under the Computer Fraud and Abuse Act don’t match the seriousness or complexity of cyber-crime, Associate Deputy Attorney General James Baker and Secret Service Deputy Special Agent in Charge, Criminal Investigative Division, Pablo Martinez said Sept. 7 in a hearing before the Senate Judiciary Committee. The proposal was based on the White House’s cyber-security plan unveiled in May.
