Stratfor hackers publish email, password data
Boston (Reuters) – Hackers affiliated with the Anonymous group published hundreds of thousands of email addresses they claimed belong to subscribers of private intelligence analysis firm Strategic Forecasting Inc.
The list, published late on Thursday, includes email addresses appearing to belong to people working for large corporations, the U.S. military and major defense contractors – information that hackers could potentially use to target them with virus-tainted emails in an approach known as “spear phishing.”
The Antisec faction of Anonymous last weekend disclosed that it had hacked into the firm, which is widely known as Stratfor and is also dubbed a “shadow CIA” because it gathers open-source intelligence on international crises.
The hackers had promised to cause “mayhem” by releasing stolen data from the private group.
Stratfor issued a statement confirming that the published email addresses had been stolen from the company’s database, saying it was helping law enforcement probe the matter and conducting its own investigation.
“At Stratfor, we try to foster a culture of scrutiny and analysis, and we want to assure our customers and friends that we will apply the same rigorous standards in carrying out our internal review,” the statement said.
“There are thousands of email addresses here that could be used for very targeted spear phishing attacks that could compromise national security,” said John Bumgarner, chief technology officer of the U.S. Cyber Consequences Unit, a non-profit group that studies cyber threats.
The Pentagon said it saw no threat so far.
“We are not aware of any compromise to the DOD information grid,” said Lieutenant Colonel Jim Gregory, a spokesman for the Department of Defense, or DOD.
In a posting on the data-sharing website pastebin.com, the hackers said the list included some information from about 75,000 customers of Stratfor and approximately 860,000 people who had registered to use its site. It said that included some 50,000 email addresses belonging to the U.S. government’s .gov and .mil domains.
The list also included addresses at contractors including BAE Systems Plc, Boeing Co, Lockheed Martin Corp and several U.S. government-funded labs that conduct classified research in Oak Ridge, Tennessee; Idaho Falls, Idaho; and Sandia and Los Alamos, New Mexico.
Corporations on the list include Bank of America, Exxon Mobil Corp, Goldman Sachs & Co and Thomson Reuters.
The entries included scrambled versions of passwords. Some of them can be unscrambled using databases known as rainbow tables that are available for download over the Internet, according to Bumgarner.
He said he randomly picked six people on the list affiliated with U.S. military and intelligence agencies to see if he could crack their passwords.
He said he was able to break four of them, each in about a second, using one rainbow table.
(Additional reporting by Tabassum Zakaria in Washington; Editing by Vicki Allen)
Mochila insert follows.