The hackers behind the attack on Stratfor released more data swiped from the firm on the Internet, including credit card data and e-mail addresses.
The disclosure of more information Dec. 29 came less than a week after the initial news broke about the hack. On Pastebin, links were posted to different sites with the new information.
“It’s time to dump the full 75,000 names, addresses, CCs and md5 hashed passwords to every customer that has ever paid Stratfor,” according to the post on Pastebin, which was made under the AntiSec banner. “But that’s not all: we’re also dumping ~860,000 usernames, email addresses, and md5 hashed passwords for everyone who’s ever registered on Stratfor’s site,” the post says, adding that 50,000 of the e-mail addresses end in .mil or .gov domains.”
Stratfor responded with a statement on its Facebook page apologizing for the situation.
“Stratfor regrets the latest disclosure of information obtained illegally from the company’s data systems,” the company said in a statement. “We want to assure our customers and friends this was not a new cyber attack but was instead a release of information obtained during the previous security breach. The latest disclosure included credit card information of paid subscribers and many email addresses of those who receive Stratfor’s free services.”
The company has said it is working with law enforcement to address the situation, and advised those affected to sign up for a free identity theft protection service it is offering.
Not long after announcing the successful attack on Stratfor, Anonymous made headlines again when it publicized an attack on Specialforces.com, a Web site that caters to the military and law enforcement communities.
According to data reviewed by Threatpost, details of more than 18,000 customers of the online store were leaked.
