A HACKING group responsible for stealing thousands of credit card numbers from a US security company has announced that it will make even more damaging disclosures.
Barrett Brown, an activist for Anonymous, a hacking network, told The Times that the group was preparing to release 2.7 million emails obtained from Stratfor, the intelligence company that it hacked over Christmas.
Anonymous has posted online more than 30,000 credit card numbers belonging to clients of Stratfor. They include executives from HSBC and Barclays, a member of the House of Lords, the chief executives of multinational companies and a student from the University of Cambridge.
Anonymous said on Monday that it intended to use the credit card details to donate about $1 million to charity.
Known as “the shadow CIA”, Stratfor uses a vast global network of sources to create daily intelligence briefings relating to geopolitics, global security and financial risk for corporate clients.
Many of these sources risk exposure if their email conversations with Stratfor employees are published, Mr Brown said.
“People talking off the record to a think-tank are going to disclose a lot of information,” he said. “Their identities are likely to be in the emails. Both my grandfathers dropped bombs on people. I’m not blowing up any villages. I want to not inconvenience or damage people but, if we do, I’m not terribly worried about it.
“We’re in a state of conflict with the Government. Either we are going to jail or we’re going to win.”
He added: “I don’t know how many people Stratfor talks to a day but there’s a large possibility that these emails will provide the smoking gun for a number of crimes of extraordinary importance.”
Mr Brown said he had been “authorised” by Anonymous members to offer Stratfor an opportunity to redact the emails. But he added: “The hackers might not do what I tell them to do.”
The group’s threat to release the emails echoes the decision by WikiLeaks to publish online thousands of unredacted diplomatic cables earlier this year.
The details of 1195 credit cards registered in Britain have been leaked, in many cases, with all the information necessary for carrying out fraudulent transactions. The details include mobile phone numbers, users’ date of birth, email and physical addresses, and even CVV numbers – the security digits on the back of a credit card.
John Cutts, the chief executive and founder of Pall Mall Capital, had his personal American Express card number and other details published online.
“It’s a great pain when this occurs,” he said. “I don’t blame Stratfor. If someone wants to hack into a system, they can. I suppose that’s the consequence of using a credit card online.”
Mr Cutts has now cancelled his card. He said that as far as he was aware there had been no unusual activity on his account.
Jeff Hosken, another Stratfor subscriber, said that the breach was “particularly embarrassing” for the security company. “It doesn’t make me happy,” said. “I assume it doesn’t make them happy. I suppose every now and then the bad guys get lucky.”
More than a dozen employees of HSBC appear to have had their details compromised, as well as nine Barclays Banks staff and 12 employees from the defence company BAE Systems.
A spokesman for HSBC said that investigations into the incident were continuing. It is understood that the bank has sent emails to staff who subscribed to Stratfor warning them about the security breach.