LONDON — Security analysis firm Stratfor has relaunched its website after hackers brought down its servers and stole thousands of credit card numbers and other personal information belonging to its clients.
Stratfor acknowledged Wednesday that the company had not encrypted customer information — a major embarrassment for a security company.
"This was our failure," Chief Executive George Friedman said in a message to Stratfor's subscribers. "I take responsibility. I deeply regret that this occurred and created hardship for our customers and friends."
Stratfor had previously declined to say if the information was left unencrypted in its database, as was suggested by members of the loose-knit hacking collective Anonymous, which claimed responsibility for the attack.
The company said Wednesday that it was moving its entire e-commerce process to a third-party system, which will eliminate the need to store credit information.
Friedman also revealed that the company was targeted more than once by hackers and had known for some time about a data breach.
He said he was first alerted to the website hack in early December — weeks before the loose-knit hacking movement Anonymous took to Twitter to boast of bringing down the website and stealing a stash of credit card numbers, emails and other data from the company.
The hackers initially claimed their goal was to use the stolen credit information to donate to charities at Christmas, and some victims confirmed unauthorized transactions were made from their credit accounts. The messages also said the hackers are targeting companies "that play fast and loose with their customers' private and sensitive information."
Austin, Texas-based Stratfor provides political, economic and military analysis to help clients reduce risk, according to a description on its YouTube page. It charges subscribers for its reports and analysis, delivered through the web, emails and videos.
On Tuesday, Friedman said he had met with an FBI agent in early December after being informed by the company's vice president of intelligence that customers' numbers had been stolen.
He said he had felt torn over the need to protect and inform customers at the time, but that the FBI assured him then that it had informed credit card companies about compromised cards.
Still, he said he was under "no illusion" that the breach would be exposed.
"We knew our reputation would be damaged by the revelation, all the more so because we had not encrypted the credit card files," Friedman said.
While dismayed over stolen emails, Friedman said he was not prepared to learn that the company's servers were "effectively destroyed" in another hack on Dec. 24.
"Our shock was at the destruction of our servers," Friedman said. "This attack was clearly designed to silence us by destroying our records and the website, unlike most attacks by such groups,"
Stratfor said it was continuing to cooperate with an FBI investigation into the attack.
Cassandra Vinograd can be reached at: http://twitter.com/CassVinograd