A hacktivist group that appears to be associated with Anonymous offshoot LulzSec claimed that it hacked into Stratfor’s network and stole 4,000 credit card numbers and other personal information of the company’s “private clients” and used the information to make charitable contributions. Anonymous, however, said in a press release that it did not carry out the hack, despite media reports that fingered it as the source.
Stratfor admitted that its systems were hacked and that personally identifiable information and credit card data of some of its members were stolen, but it denied that credit card information and other sensitive data of its private clients was compromised.
“The disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications”, Stratfor said on Facebook. The company said it would notify affected members by email no later than Dec. 28.
Stratfor warned its clients not to speak out publicly because of the risk of retaliation.
“It's come to our attention that our members who are speaking out in support of us on Facebook may be being targeted for doing so and are at risk of having sensitive information repeatedly published on other websites. So, in order to protect yourselves, we recommend taking security precautions when speaking out on Facebook or abstaining from it altogether”, the company said.
Stratfor has taken its servers and website offline to investigate the breach.