Forgot your password?
typodupeerror
Privacy Security Your Rights Online

Data Exposed In Stratfor Compromise Analyzed 141

Posted by Unknown Lamer
from the forecast-is-for-doom dept.
wiredmikey writes with an excerpt from an article in Security Week: "Following news that security and intelligence firm Stratfor is downplaying the recent hack of its systems, Identity Finder today shared a detailed analysis of the data released so far by the attackers. Based on the analysis, 50,277 Individual Credit Card Numbers were exposed, but 40,626 are expired, leaving just 9,651 that are not expired. In terms of emails, 86,594 Email addresses were claimed to be exposed by the hackers, but only 47,680 were unique. The hackers have released personal information for Stratfor subscribers whose first names begin with A through M, with N through Z expected to be released soon. In addition to the presently published data compromised during the attack, the attackers claim that 200GB of company email containing 2.7 million emails was captured as well." As of posting, Stratfor's website is still down.
This discussion has been archived. No new comments can be posted.

Data Exposed In Stratfor Compromise Analyzed

Comments Filter:
  • Expired cards (Score:5, Interesting)

    by nstlgc (945418) on Wednesday December 28, 2011 @02:50PM (#38517690)
    Where I live, when your card expires, you just get a new one with the same card number but a few years added to the expiration date. Wouldn't this allow the attackers to reuse some of the expired cards?
  • by jschottm (317343) on Wednesday December 28, 2011 @03:29PM (#38518156)

    Use unique passwords for everything important and use a secure but salted password for various sites. Let's say my generic secure password is $sJ55Pm#

    I salt the secure password between the fives with the initials of the website alternating caps. So my /. password could be $sJ5Sd5Pm# and my World of Warcraft password could be $sJ5WoW5Pm#.

    I only have to remember one good password and a formula. Someone clever enough could hand analyze the passwords and might spot the salting but realistically, very few people are worth that effort.

    which makes me think there's no point in super complex "try and guess THIS one!" passwords.

    One practices good password habits because they help when a site does things properly. Nothing is going to save you if a site is terribly set up but that doesn't mean you should abandon best practices.

When the weight of the paperwork equals the weight of the plane, the plane will fly. -- Donald Douglas

Working...