Anonymous Hackers group hacked(defaced) website belong to Strategic Forecasting, Inc(STRATFOR) and dumped a database that contains information of their private customers.
The database dump is available in pastebin:
http://pastebin.com/8MtFze0s
AnonymouSabu tweeted "Over 90,000 Credit cards from LEA, journalists, intelligence community and whitehats leaked and used for over a million dollars in donations".
Recent Tweet from anonymouSabu :You think we are done? stratfor was the beginning. Many more whitehats and intelligence targets to go. We are #antisec. We are Anonymous.
Hacked site:
http://www.stratfor.com
Mirror for Hack:
http://zone-h.org/mirror/id/16416728
Part of Defacement Message:
"// OH STRATFOR. IF YOU ONLY KNEW WHAT ALL IS ABOUT TO GO DOWN.
// 'BUT WAIT', YOU ASK. 'IS THIS IT?' 0H N0, WE GOT MORE IN STORE...
// BUT FOR NOW, SOME INSPIRING WORDS OF WISDOM FROM IT MANAGER FRANK GINAC:
"You do realize how preposterous it is to suggest that stratfor simply
shutdown completely for 2 days, right? The plan that you've attached paints a
gloom and doom picture claiming no chance that such a move will succeed. Does
that really seem a rationale conclusion?"
// YOU DONT EVEN KNOW THE EXTENT OF THE GLOOM AND DOOM WE HAVE PLANNED, FRANK
"Attended the TakeDownCon security conference. Focus of the conference was on
wireless and mobile security. No vendors pushing product or service at this
conference. Instead, great presentations by renowned white hat hackers (good
hackers) and security experts. Bottom line is that no mobile platform is
secure, including the Blackberry, but there are best practices that minimize
the risk of their use within the enterprise. We will be incorporating these
best practices in our operation over the coming months."
// INCORPORATING PRACTICES FROM "GOOD WHITE HAT HACKERS"? HOW'D THAT WORK OUT?
"It blew my mind to discover that our email server backups are being stored on
the same physical server. I'm affectionately referring to these little
discoveries as 'Mooney turds'."
// SO SAD WE RM'D YOUR MAIL SERVER AND ALL BACKUPS, FRANK
"Most if not all of us use professional and social networking sites like
LinkedIn and Facebook. All offer levels of privacy ranging from wide open
where everyone can see your profile, activities, and posts to closed allowing
only your immediate connections (or friends) access. As a private intelligence
company we must all take extra care to protect our personal information from
those who would use that information to exploit us personally or
professionally. Although we don't have hard and fast rules on how to set your
privacy settings nor do we restrict use of such sites, I suggest that you
temper your need to share with prudence and consider the business that we are
in. It's also important to check your privacy settings regularly to ensure
that the sites you use haven't changed the meaning or scope of privacy
settings -- we've all heard or read the news regarding this practice at
Facebook. I suggest that you never include any information in your profile --
regardless of privacy setting -- that could be used to compromise your
identity. Specifically, never include: your birth date, your exact street
address (although this information can usually be found on the web quite
easily), your cell phone number, SSN or other government issued ID number
(that should be obvious), or any other information that someone could use to
compromise your identity if your account were compromised."
// EVEN WITH ALL THE BEST SECURITY PRACTICES LEARNED FROM THE "RENOWNED WHITE
// HAT HACKERS" WE STILL MANAGED TO STEAL ALL YOUR PERSONAL INFORMATION. UMAD?
//
// Frank Ginac CC Number: 376792323491009 Expiration: 5/2014 CVV: 9385
// Pass (md5): 6c0e721556401ce239ad454e83f0dc60
// Phone: 512-788-3882 Address: 7901 Bee Caves Road #23 Austin, Texas, 78746"
Defacement Xmas 2011:
