Stratfor, the intelligence consultancy targeted by a hacktivist group in a Christmas Eve attack, has brought its website back online Wednesday following an almost three-week investigation into the scope of the breach of its systems.
We knew our reputation will be damaged by the revelation, your complete more so because we had not encrypted the mastercard files.George Friedman, CEO, Stratfor
George Friedman, CEO of the Austin, Texas-based company, apologized to customers for the Stratfor breach and said the incident has prompted the corporate to enhance security and outsource its payment processes to raised protect customer data. Friedman said the corporate first learned its customer bank card data was stolen in early December when the FBI informed the corporate of the problem.
“We knew our reputation could be damaged by the revelation, all of the more so because we had not encrypted the mastercard files,†Friedman said in a blog post and video message at the company's website. “We worked to enhance our security infrastructure in the confines of time and the will to give protection to the investigation by not letting the attackers know we knew in their intrusion.â€
But Friedman explained that the hackers penetrated the web site again within the Christmas Eve attack, publishing a message at the Stratfor homepage explaining that during addition to stealing mastercard and email addresses, four of the company's servers were destroyed along with data and backups.
The pilfered information included Stratfor account credentials of about 850,000 individuals and the mastercard numbers of about 75,000 paying subscribers. The sensitive information included credentials from 242 Nato staff members, 343 U.S. military personnel deployed in Afghanistan and Iraq, in addition to former U.S. Vice chairman Dan Quayle and previous U.S. Secretary of State Henry Kissinger. The stolen data belonged to subscribers of its reports, not engaged clients that the firm does customized work for, in keeping with Friedman.
Friedman said he has looked for a for the reason that the corporate can be targeted. The hactivists, he said, had mischaracterized Stratford as a “hub of world conspiracy,†instead of a company that provides non-ideological analysis of international affairs and security threats to a wide range of major corporations and native, state and federal agencies. The newest reports at the company website, that are free for a limited time, offer analyses on Syria, Iraq and Lithuania.
The company is offering to pay for an identity theft prevention service for affected customers. Meanwhile Stratfor's email remains down and it's still looking forward to all its archives to be restored. “Our failures had been reviewed and are being rectified,†Friedman said. “No security system is without flaws in spite of the fact that it's far better than Stratfor's was.â€
A group claiming to be related to Anonymous denied responsibility for the Stratfor breach. The stolen charge cards were utilized by the attackers to make sizable donations to numerous charities. The fraudulent charges were reversed.
Nessun commento:
Posta un commento
Comments links could be nofollow free