STRATFOR breach

2 minutes estimated reading time

I got an email about 40 minutes ago announcing that STRATFOR were looking into a breach of their servers and email. I’ve always found their analysis on international issues informative and insightful which has helped in my work thinking about international projects with NGOs and in my writing here on this blog. It is one of a a number of media outlets that I pay a subscription to.

Given that Stratfor position themselves as not only domain experts in territories around the world and geopolitics, but also opsec (operational security); the data breach is a shockingly bad own goal. It will be interesting to see how their brand manages to recover. The hackers have made off with a trove of government, academic, media contacts as well as general people like me who are curious about what’s going on in the world.

Dear Stratfor Member,

We have learned that Stratfor’s web site was hacked by an unauthorized party. As a result of this incident the operation of Stratfor’s servers and email have been suspended.

We have reason to believe that the names of our corporate subscribers have been posted on other web sites. We are diligently investigating the extent to which subscriber information may have been obtained.

Stratfor and I take this incident very seriously. Stratfor’s relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me. We are working closely with law enforcement in their investigation and will assist them with the identification of the individual(s) who are responsible.

Although we are still learning more and the law enforcement investigation is active and ongoing, we wanted to provide you with notice of this incident as quickly as possible. We will keep you updated regarding these matters.

Sincerely,

George Friedman

Cryptonome have more details here: complete with the obligatory Pastebin links. Twitter currently has a lively discussion on the hack.

Update (February 2023): Stratfor bought all its subscribers an Equifax monitoring package for their credentials and offered discounted subscriptions. It revamped its infrastructure and carried on. Stratfor never completely recovered from the breach. It eventually sold itself to a larger group Rane. As part of Rane the Stratfor work continues and they still sell expert consultancy.

Rane have since embraced social media to promote its content to prospective customers. The quality is the same high standards as what it used to be under Stratfor before the data breach.