In a statement yesterday Par:AnoIA announced that the content comprises data “related to Bank of America, Bloomberg, Thomson Reuters, TEKSystems (http://teksystems.com) and ClearForest (http://clearforest.com),” and that it contains “data, code and software.”
According to Anonymous, the leak is noteworthy because it includes salary information of thousands of executives – not just BOFA employees – from various corporations around the world; and that BOFA has been using a third-party contractor (TEKSystems) to collect data on private citizens while the quality of the intelligence collected is “poor and potentially false.”
Perhaps most notably, however, this was not an Anonymous operation nor even a hack. “The source of this release,” says the statement, “has confirmed that the data was not acquired by a hack but because it was stored on a misconfigured server and basically open for grabs.” The server is physically located in Tel Aviv, Israel. Anonymous conjectures that its location may have some relation to ClearForest, an Israeli company whose OneCalais text analysis software was also found in the lifted data, along with a module apparently tailored for BOFA use.
“An unexpected bonus,” says Anonymous, was “4.8 Gigabyte of data containing detailed career and salary information of hundred of thousands of executives and employees from various corporations all around the world.” Anonymous conjectures that the data may originate from Bloomberg (the name of the folder that contained it), or Thomson Reuters since much was tagged ‘reuterscompanycontent’. Either way, “What it was doing on the Israeli server is up to anyone’s guess.”
The irony is not lost. It has been known for some time that the banks have been involved in anti-Occupy activities – but BOFA now seems to have provided the Occupy Movement with a trove of data on some of the 1%. Whether the data privacy regulators in countries where their own citizens are among the executives whose details have been exposed will take an interest in this breach remains to be seen. Infosecurity has asked the ICO in the UK for a comment, and will update with any reply.