Feeds

back to article Stratfor slaps website back online after Anon mega-hack

Stratfor has restored its website to normal operation on Wednesday, more than two weeks after a hack attack by Anonymous that made the global intelligence analyst firm a byword for information insecurity. Members of Anonymous made off with stolen emails and credit-card data after breaking into Stratfor's chronically insecure …

COMMENTS

This topic is closed for new posts.
Anonymous Coward

"soz about the credit cards"

Was there actually an apology? I watched this yesterday and didn't notice one.

0
1
Happy

Donations

"Such transactions are highly likely to be identified and reversed, potentially leaving charities worse off in the process (as a result of charge-back fees)"

Make donations to a political party then... Simples.

2
0
Anonymous Coward

But...

Make sure it's the correct political party, you wouldn't want to charge money to a "right thinking" party, although all the others are fine.

0
0

Party doesn't matter

The party of the members of both the House and Senate don't matter, just if they're in favor of the draconian SOPA and PIPA measures. Trouble is most of those charged would probably want them to keep the donations.

0
0
Anonymous Coward

Hmm

Were they using Microsoft software? That's easily hacked...

0
4
Anonymous Coward

@AC

Worst.

Troll.

Ever.

And, they were using a Unix variant because Anon said they finished off with an "rm -rf *"

2
0
Anonymous Coward

Apology - @AC 12.1.12:1707

As Sophos also noted, this was more of an apology than most hack victims give - a clear acknowledgement that the company failed to scale up appropriately, and shouldn't have been processing its own transactions.

1
0
Anonymous Coward

"As the founder and CEO of Stratfor,

I take responsibility for this failure, which has created hardship for customers and friends, and I deeply regret that it took place"

...and in the light of the above failure, I resign, with immediate effect.

Not.

0
2
Thumb Down

Selfish prick

"With the credit card information stolen, I assumed that the worst was done. I was wrong. "

In other words "We looked bad about the credit cards and I thought that was bad but at least it didn't affect me, then I found out they had fucked with my shit too and that was worse"

The loss of your customers data is the worst aspect of the situation as they are totally blameless and trusted you with that info, whatever happens to your servers etc is secondary to that.

2
1
Silver badge

Tut tut...

Storing credit card details in an unencrypted form is against the merchant card program rules. It certainly is in Europe. Failure to abide by the rules (especially a failure such as this where data was stolen) can result in withdrawal of your card processing facility.

As for the CEO resigning, I guess he is just taking the behaviour of our leaders as an example. Nobody in any lofty position carries any responsibility. On the rare occasions that one is forced out by massive public protest (RBS for example), they still walk away with a "jolly well done" handshake measured in the millions.

1
0
Anonymous Coward

Yeah...

Fred Goodwin, who contrary to the popular reporting by the media at the time, didn't walk away with a massive golden handshake. What happened was that he stayed on to help the new board take over (something which he in no way had to do) for a consultancy fee. This consultancy fee was put directly into his pension.

After all the shouting about it in the press, he gave the consultancy fee for his work back, but that was never reported, either.

However, the current people running RBS get more pay than Fred did and are shredding the company making tens of thousands of people redundant and shipping jobs off to India. Offshoring was something the previous management never did, there were redundancies when RBS took over NatWest, but there were also jobs saved as the then management stopped the branch closure scheme and callcentre offshoring.

0
0
Silver badge
Trollface

"Nobody in any lofty position carries any responsibility."

Except when it comes time to justify their massive salary package to the shareholders..

After that process....well, meh, who cares?

1
0
Bronze badge
FAIL

Sorry, but lack of security isn't one of those problems that comes about with "rapid growth".

However, lack of security IS one of those problems that comes from employing id10ts with zero experience in the real world to build your website.

A quick look at their html source shows it was built with Drupal 7. Also, instead of building a template from the ground up, or even properly tweaking one, they have a tremendous amount of HTML code just commented out... looks like someone didn't exactly know what they are doing and were a little unsure of themselves. Gotta love Kids.

Wonder if they've bothered applying any of the patches...

0
0
This topic is closed for new posts.