Christmas Day 'Robin Hood' data breach threatens identities of thousands

Austin, Texas-based Strategic Forecasting (Stratfor) is dealing with the after-effects of a security breach that leaked the credit card numbers, passwords and home addresses of its clients, The Associated Press reports. Stratfor provides political, economic and military analysis to help clients lower their cyber security risks. It works with major financial, defense and technology firms, media companies, government agencies and multiple units of the United Nations.  Its clients include Apple, the U.S. Air Force and the Miami Police Department, according to the Daily Journal. The Christian Science Monitor reports that on Christmas Day, an online hacking group known only as Anonymous released thousands of personal details from Stratfor's private client list, posting links on its Twitter page to information-sharing site Pastebin. While it was initially announced that the hackers had intended to use the stolen identity authentication to donate to charitable organizations in a "Robin Hood" attack, subsequent messages also claimed to target companies that "play fast and loose with their customers' private and sensitive information." "These actions will just end up hurting the charities, not helping them," said Mikko Hypponen of F-Secure, as quoted by the media outlet. "When credit card owners see unauthorized charges on their cards, they will report them to their bank or credit card company. Credit card companies will do a chargeback to the charities, which will have to return the money. In some cases, charities could be hit with penalties." Stratfor attempted to calm its clients with an email later in the day. "The disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications," the firm said, as quoted by the news source. Stratfor has since shut down its website for maintenance and is only able to contact concerned individuals via its Facebook page. The company warned that those who have offered public support via the social network "may be targeted (by Anonymous) for doing so," The Associated Press reports. Anonymous has been responsible for previous attacks on credit card processors Visa and MasterCard, as well as PayPal, groups in the music industry and the Church of Scientology.