Stratfor back online after cyberhack

Jan 11, 2012 By CASSANDRA VINOGRAD , Associated Press
The home page of the Stratfor website is seen on a computer monitor in London Wendesday Jan 11, 2012. Security analysis firm Stratfor has relaunched its website after hackers brought down its servers and stole thousands of credit card numbers and other personal information belonging to its clients. Stratfor acknowledged Wednesday that the company had not encrypted customer information a major embarrassment for a security company. (AP Photo/Cassandra Vinograd)

(AP) -- Global intelligence analysis firm Stratfor has relaunched its website after hackers brought down its servers and stole thousands of credit card numbers and other personal information belonging to its customers.

Chief Executive George Friedman acknowledged for the first time Wednesday that the company had not encrypted and said this decision had embarrassed the company.

Loose-knit hacking collective Anonymous, which claimed responsibility for the attack over the Christmas holidays, had said it was able to get the details in part because Stratfor didn't bother encrypting them.

"It was a truly unforgivable failure and I feel awful about it," Friedman told The Associated Press in a telephone interview. "Sometimes in rapid growth, you make a mistake. That's not an excuse, that's not a ... It's an explanation."

Stratfor had previously declined to say if the information was left unencrypted. Members of Anonymous have said it was targeting companies "that play fast and loose with their customers' private and sensitive information."

The company said Wednesday that it was moving its entire e-commerce process to a third-party system, which will eliminate the need to store credit information.

Friedman also revealed that the company was targeted more than once by and had known for some time about a .

He said he was first alerted to a website hack in early December - weeks before Anonymous took to Twitter to boast of bringing down the website and stealing a stash of numbers, emails and other data from the company.

The hackers said then that their goal was to use the stolen credit information to donate to at Christmas, and some victims confirmed unauthorized transactions were made from their credit accounts.

Austin, Texas-based Stratfor is a subscription-based publisher providing political, economic and military analysis to help customers reduce risk. It charges subscribers for its reports and analysis, delivered through the web, emails and videos.

On Tuesday, Friedman said he had met with an FBI agent in early December after being informed by the company's vice president of intelligence that customers' had been stolen.

He said he had felt torn over the need to protect and personally inform customers at the time, but that the FBI was setting the rules and wanted to conduct its investigation without tipping the hackers off.

"It was very important to them that the criminals not know the extent to which we had knowledge of the damage," Friedman explained, saying the FBI had assured him that it had informed credit card companies about compromised cards.

"We were caught between a very difficult situation where the FBI had control of the investigation and expected certain care in that investigation - and the need to protect our customers," said Friedman. "What little we could do, we did."

Still, he said he was under "no illusion" that the breach would be exposed.

"We knew our reputation would be damaged by the revelation, all the more so because we had not encrypted the credit card files," Friedman said in a note to subscribers announcing the website's relaunch.

But he told the AP that subscribers have stood by the company and subscriptions have held up in light of the attack.

"Our customers are primarily focused on the criminals," he said. "Some customers have been critical, but the primary theme isn't that 'you didn't know how to lock the door,' but 'locked or not, what are these people doing coming in?'"

While dismayed over stolen emails in the previous breach, Friedman said he was "stunned" to learn that the company's servers were "effectively destroyed" in another hack on Dec. 24.

"I was absolutely unprepared for their attempt to destroy us," Friedman said, describing how hackers took full control of the servers, overrode the systems and made recovery "just about impossible."

"Our systems were shredded," he explained. "The destruction of our servers and our backups... was clearly intended to take us offline and silence us."

Stratfor said it was continuing to cooperate with an FBI investigation into the attack.

Explore further: LinkedIn membership hits 300 million

not rated yet
add to favorites email to friend print save as pdf

Related Stories

Anonymous releases more Stratfor data

Dec 30, 2011

Online "hacktivist" group Anonymous has released a trove of email addresses and credit card numbers stolen from the website of intelligence analysis firm Stratfor and promised further attacks.

Stratfor warns hacking victims of further woes

Dec 27, 2011

US intelligence analysis firm Stratfor has warned its members whose emails and credit card information were hacked that they could be targeted a second time for speaking out on behalf of the company. ...

'Anonymous' hackers target US security think tank

Dec 25, 2011

Hackers with the loose-knit movement "Anonymous" claimed on Sunday to have stolen a raft of emails and credit card data from U.S.-based security think tank Stratfor, promising it was just the start of a weeklong, ...

US, British officials victims of Stratfor hack: press

Jan 09, 2012

Email addresses and passwords belonging to British, US and NATO officials were posted online following the hacking of a US intelligence analysis firm over Christmas, the Guardian daily reported Monday.

Citigroup says 360,000 affected by hackers

Jun 16, 2011

Hackers stole account information of more than 360,000 of Citigroup Inc.'s U.S. credit card customers in a recent data breach, the bank said Wednesday, almost double the number initially thought.

Recommended for you

LinkedIn membership hits 300 million

Apr 18, 2014

The career-focused social network LinkedIn announced Friday it has 300 million members, with more than half the total outside the United States.

Researchers uncover likely creator of Bitcoin

Apr 18, 2014

The primary author of the celebrated Bitcoin paper, and therefore probable creator of Bitcoin, is most likely Nick Szabo, a blogger and former George Washington University law professor, according to students ...

White House updating online privacy policy

Apr 18, 2014

A new Obama administration privacy policy out Friday explains how the government will gather the user data of online visitors to, mobile apps and social media sites. It also clarifies that ...

User comments : 2

Adjust slider to filter visible comments by rank

Display comments: newest first

not rated yet Jan 11, 2012
"I was absolutely unprepared for their attempt to destroy us," Friedman said, describing how hackers took full control of the servers, overrode the systems and made recovery "just about impossible."
"Our systems were shredded," he explained. "The destruction of our servers and our backups..."

Really? How naive can the CEO be? Did he think they were going to loot the place and NOT set it on fire when they left?
not rated yet Jan 11, 2012
Once they get full control, which they obviously did, you can start flashing the BIOS and really cause some serious trouble. File theft is the least of your worries once they start hacking the BIOS. Turn off all the chip fans, overclock the chips, overspin the drives, over volt the ram and watch the place start smoking.

I cant believe they didnt pull the plug on their servers. If I were them, I might even contemplate suing the FBI for not letting me unplug them.

More news stories

Ex-Apple chief plans mobile phone for India

Former Apple chief executive John Sculley, whose marketing skills helped bring the personal computer to desktops worldwide, says he plans to launch a mobile phone in India to exploit its still largely untapped ...

Health care site flagged in Heartbleed review

People with accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the ...

A homemade solar lamp for developing countries

( —The solar lamp developed by the start-up LEDsafari is a more effective, safer, and less expensive form of illumination than the traditional oil lamp currently used by more than one billion people ...

Floating nuclear plants could ride out tsunamis

When an earthquake and tsunami struck the Fukushima Daiichi nuclear plant complex in 2011, neither the quake nor the inundation caused the ensuing contamination. Rather, it was the aftereffects—specifically, ...

NASA's space station Robonaut finally getting legs

Robonaut, the first out-of-this-world humanoid, is finally getting its space legs. For three years, Robonaut has had to manage from the waist up. This new pair of legs means the experimental robot—now stuck ...

Filipino tests negative for Middle East virus

A Filipino nurse who tested positive for the Middle East virus has been found free of infection in a subsequent examination after he returned home, Philippine health officials said Saturday.

Egypt archaeologists find ancient writer's tomb

Egypt's minister of antiquities says a team of Spanish archaeologists has discovered two tombs in the southern part of the country, one of them belonging to a writer and containing a trove of artifacts including reed pens ...