Hackers target US security think tank
London - Hackers on Sunday claimed to have stolen 200 GB of e-mails and credit card data from United States security think tank Stratfor, promising a weeklong Christmas-inspired assault on a long list of targets.
Members of the loose hacking movement known as "Anonymous" posted a link on Twitter to what it said was Stratfor's secret client list - including the US army, the US air force, Goldman Sachs and MF Global.
"Not so private and secret anymore?," the group taunted in a message on the microblogging site.
Anonymous said it was able to get credit details, in part, because Stratfor didn't bother encrypting them.
This is an easy-to-avoid blunder which, if true, would be a major embarrassment for any security company.
Stratfor said in an e-mail to members that it had suspended its servers and e-mail after learning that its website had been hacked.
"We have reason to believe that the names of our corporate subscribers have been posted on other websites," said the e-mail, passed on to The Associated Press. "We are diligently investigating the extent to which subscriber information may have been obtained."
The e-mail, signed by Stratfor Chief Executive George Friedman, said the company is "working closely with law enforcement to identify who is behind the breach".
"Stratfor's relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me," Friedman wrote.
Stratfor's website was down midday on Sunday, with a banner saying "site is currently undergoing maintenance".
Wishing everyone a "Merry LulzXMas" - a reference to spinoff and fellow troublemakers Lulz Security - Anonymous also posted a link on Twitter to a site containing the e-mail, phone number and credit number of a US homeland security employee.
The employee, Cody Sultenfuss, said he had no warning before his details were posted.
"They took money I did not have," he told The Associated Press in an e-mail. "I think why me? I am not rich."
Anonymous warned it has "enough targets lined up to extend the fun fun fun of LulzXmas through the entire next week".
The group has previously claimed responsibility for attacks on companies such as Visa, MasterCard and PayPal, as well as others in the music industry and the Church of Scientology.