US, UK intelligence officials exposed after StratFor hack

American and British politicians and defense and intelligence officials were among the victims of the hack attack on the website of think tank Strategic Forecasting (Stratfor) last Christmas Day.

 

A report on UK's The Guardian said the security breach also exposed the data of North Atlantic Treaty Organization advisers.

 

The report said the private information exposed by the "hacktivists" included those of 221 British military officials and 242 NATO staff; civil servants working at the heart of the UK government including several in the Cabinet Office as well as advisers to the Joint Intelligence Organisation, have also been exposed, the report said.

 

It noted the Joint Intelligence Organisation acts as the prime minister's eyes and ears on sensitive information.

 

The Guardian report said the hackers are believed to be part of the Anonymous hacker group, which hacked into the account information of Stratfor.

 

Some 75,000 paying subscribers also had their credit card numbers and addresses exposed, including 462 UK accounts.

 

John Bumgarner, a cyber-security expert at the Washington-based US Cyber Consequences Unit who analyzed the Stratfor breach for The Guardian, identified much of the data posted by the hackers were the details of hundreds of UK government officials, some of whom work in sensitive areas.

 

Bumgarner found that aside from the 221 officials, details of the leaked database included 19,000 email addresses ending in the .mil domain of the US military.

 

In the US case, Bumgarner found 173 individuals deployed in Afghanistan and 170 in Iraq, as well as personal data from former Vice President Dan Quayle and former secretary of state Henry Kissinger.

 

"Any foreign intelligence service targeting Britain could find these emails useful in identifying individuals connected to sensitive government activities," he said.

 

UK departments

 

Other UK government departments were affected, including seven officials in the Cabinet Office, 45 Foreign Office officials, 14 from the Home Office, 67 Scotland Yard and other police officials, and two employees with the royal household.

 

Also exposed were the data of 23 people who work in the houses of Parliament, including Jeremy Corbyn, Labour MP for Islington North, Lady Nicholson and Lord Roper.

 

The British victims also include officials with the Joint Intelligence Organisation (JIO) responsible for assessing intelligence from all sources, including MI6 secret agents.

 

Bumgarner said officials who did not take extra precautions in securing passwords through dual authentication or other protection systems may find email and other databases compromised.

 

No risk to national security

 

The Guardian report quoted British officials who spoke on condition of anonymity as saying they were aware of the hacking but it did not pose a risk to national security.

 

It said they claimed the passwords for their communications within Whitehall would be different from any used to access the Stratfor sites.

 

Whitehall communications would also be protected by extra security walls, officials said.

 

But they said their personal communications could be at risk if individuals used the same password as they used to access Stratfor for their bank accounts and other personal communications.

 

"We are aware that subscriber details for the Stratfor website have been published in the public domain. At present, there is no indication of any threat to UK government systems. Advice and guidance on such threats is issued to government departments through the Government Computer Emergency Response Team," it quoted a government spokesman as saying. — TJD, GMA News