US intelligence analysis firm Stratfor has warned its members whose emails and credit card information were hacked that they could be targeted a second time for speaking out on behalf of the company.
Online “hacktivist” group Anonymous claimed Sunday via Twitter that it had stolen a trove of emails and credit card information from Stratfor’s member subscribers, pledging to carry out additional attacks.
“It’s come to our attention that our members who are speaking out in support of us on Facebook may be being targeted for doing so and are at risk of having sensitive information repeatedly published on other websites,” Stratfor said.
“So, in order to protect yourselves, we recommend taking security precautions when speaking out on Facebook or abstaining from it altogether,” it said on its Facebook page, which it has used to communicate since its website was compromised.
Hackers provided a link on Twitter to what they said was Stratfor’s private client list, which included the US Defense Department, Army, Air Force, law enforcement agencies, top security contractors and technology firms like Apple and Microsoft.
Stratfor however said the disclosure was “merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications.”
The hackers also posted images online claiming to show receipts from donations made by the hackers on behalf of some of Stratfor’s members by using their credit card data.
The hackers said they were able to obtain the information in part because Stratfor did not encrypt it, which could prove a major source of embarrassment to the global intelligence firm.
Stratfor’s website was still down as of Monday evening.
Anonymous has been involved in scores of hacking exploits, including the recent defacing of a website of Syria’s Ministry of Defense to protest a bloody crackdown on anti-government protesters.
Last year, the shadowy group launched retaliatory attacks on companies perceived to be enemies of the anti-secrecy website WikiLeaks.