Hacktivists linked to the Anonymous collective managed to steal credit card information from a security firm in the US on Christmas Eve, using it to make donations to charities. The attack against Stratfor, a Texas-based firm which produces analysis on international security issues for international clients, has prompted thousands of private and government organisations to examine their accounts.
Some $500,000 was donated to charities online using the stolen data, according to the hackers, who posted parts of their haul online. The files, which included more than 50,000 credit card numbers of which 10,000 were not expired, named a number of leading businesses, including British oil giant BP.
The group published a sample of what they claimed were emails stolen from Stratfor's servers online. "Just a small preview of the mayhem to come, one out of 2.7 million," an accompanying statement read.
Supporters of the group hailed the Robin Hood nature of the action, while critics pointed out that the fraudulent donations would waste the time of charity staff having to deal with extra administration.
"At the first glance, actions like this look a bit like the actions of Robin Hood - steal from the rich, give to the poor," Mikko Hypponen, a leading commentator on cyber crime, explained to the Daily Telegraph. "In fact, these actions will just end up hurting the charities, not helping them."
He added that when credit card owners see unauthorized charges on their cards, they will simply report them to their bank or credit card company.
"Credit card companies will do a chargeback to the charities, which will have to return the money. In some cases, charities could be hit with penalties. At the very least, they will lose time and money in handling the chargebacks," Mr Hypponen commented.
Meanwhile, George Friedman, chief executive of Stratfor, took to Facebook to acknowledge the attack and apologise to the firm's clients. Explaining that Stratfor has already called in identity theft protection firm, Mr Friedman promised that his organisation would strive to improve the security of its systems.