NEW YORK – Victims of a data breach at the security analysis firm Stratfor apparently are being targeted a second time after speaking out about the hacking.
Stratfor said on its Facebook page that some individuals who offered public support for the company after it revealed it was hacked “may be being targeted for doing so.”
The loose-knit hacking movement called Anonymous claimed Sunday through Twitter that it had stolen thousands of credit card numbers and other personal information belonging to the company’s clients. Anonymous members posted links to some of the information Sunday and more on Monday.
Stratfor, based in Austin, Texas, said its affected clients and its supporters “are at risk of having sensitive information repeatedly published on other websites.” The company has resorted to communicating through Facebook while its website remains down and its email suspended.
A message posted online Monday by a group asserting it spoke for Anonymous mocked victims who spoke to the Associated Press about the experience of learning that their credit card information was stolen and used to make unauthorized charitable donations. The message also ridiculed someone who criticized the hacking on Facebook, saying “we went ahead and ran up your card a bit.”
A Stratfor spokesman would not say whether the information was encrypted in its database or what the company has learned since the incident began.
Anonymous has said the data was not encrypted. If true, that would be a major embarrassment for a security-related company.
The spokesman, Kyle Rhodes, said the company could not discuss any details because several law enforcement agencies are investigating the incident.
The data was posted in a series of releases in links embedded in online messages that, in turn, were linked to from Twitter.
Stratfor provides political, economic and military analysis to help clients reduce cyber security risks, according to a description on its YouTube page. It charges subscribers for its reports and analysis, delivered through the Web, emails and videos.
The company’s home page carried a banner Monday that said its “website is currently undergoing maintenance.”
The Privacy Rights Clearinghouse, a watchdog that tracks data breaches, made the Stratfor hacking its 121st such incident of the year targeting credit cards.