Anonymous targets military-gear site in latest holiday hack

Hackers who took credit for the Stratfor attack say they've breached retailer SpecialForces.com and posted stolen credit cards and passwords.

Michelle Meyers
Michelle Meyers wrote and edited CNET News stories from 2005 to 2020 and is now a contributor to CNET.
Michelle Meyers
2 min read

In what its calling another round of "LulzXmas festivities," an Anonymous-affiliated hacktivst group today is claiming yet another breach and posting of customer information.

On Christmas Day the target was security think tank Strategic Forecasting, or Stratfor. This time it was SpecialForces.com, a Web site that sells military gear.

SpecialForces.com Screenshot by CNET

"Continuing the week long celebration of wreaking utter havoc on global financial systems, militaries, and governments, we are announcing our next target: the online piggie supply store SpecialForces.com," the group wrote in a Pastebin posting today.

The hackers said they breached the SpecialForces.com site months ago, but only just got around to posting the customer data. Even though the site's data was encrypted, they claim to have 14,000 passwords and details for 8,000 credit cards belonging to Special Forces Gear customers.

In a statement to CNET, Special Forces Gear founder Dave Thomas confirmed that his company's Web servers were compromised by Anonymous in late August, resulting in a security breach that allowed the hackers to obtain customer usernames, passwords, and possibly encrypted credit card information in some cases. "We have no evidence of any further security breaches, and we believe that the recent Stratfor incident is being used to bring this old news back into the spotlight," he noted.

Thomas added that the compromised passwords were from a backup of a previous version of the Web site that is more than a year old. "Most of the credit card numbers are expired, and we don't have evidence of any credit card misuse at this time," he wrote. "The current Web site does not store customer passwords or credit card information."

After the security breach, "we completely rebuilt our Web site and hired third-party consultants to help us shore up Web site security," he said, adding that the vast majority of the sites' sales are custom t-shirts and related gifts, and that the company donates a portion of its profits to charity.

Identity Finder, a New York-based data loss and identity theft prevention service, determined that files posted to date by Anonymous and its AntiSec offshoot related to this breach include 7,277 unique credit card numbers; 68,830 e-mail addresses (of which 40,854 are unique); and 36,368 plain-text usernames and passwords, some of which might be duplicates.

In the statement issued today, the hackers also took another shot at Stratfor for its alleged confusion over whether its data had been encrypted or not:

We also laughed heartily whilst these so-called protectors of private property scrambled desperately to recover the sensitive information of all the customers who they wronged by failing to use proper security precautions.

SpecialForces.com does encrypt customer data. "Nevertheless, our voodoo prevailed and we were quickly able to break back into the military supplier's server and steal their encryption keys," the hackers wrote. "We then wrote a few simple functions to recover the cleartext passwords, credit card numbers, and expiration dates to all their customers' cards. That's how we roll."