With Anonymous' attack now confirmed by Stratfor security, analysts have expressed concern over the collective's ominous promise that "this is only the beginning."
Anonymous announced the attack 26 December via a post on the Pastebin website. In its statement the collective claimed to have successfully bypassed Stratfor's online security stealing roughly 50,000 credit card numbers, 87,000 email addresses and 44,000 encrypted passwords.
As well as stealing the date, Anonymous' statement went on to claim that the group had already used the stolen credit information to donate $500,000 to a number of unnamed charities.
"As we speak, his little helpers at the North Pole are readying his battle sleigh of lulz with more goodies to bring you LulzXmas joy all week long. Joy in the form of over $500,000 being expropriated from the bigshot clients of Stratfor. You didn't think we'd let 2011 end without a BANG, did you?" read Anonymous' statement.
Stratfor itself is a Texas-based company that produces analysis on international security issues. Its client list includes numerous banks, oil companies and law enforcement agencies.
The attack was later confirmed by Stratfor's chief executive, George Friedman, via the company's Facebook page. "On December 24th an unauthorized party disclosed personally identifiable information and related credit card data of some of our members," read Friedman's opening comment.
Later adding: "We are also working to restore access to our website and continuing to work closely with law enforcement regarding these matters."
As well as the new "LulzXmas" the attack, via its AnonymousIRC Twitter feed the collective also credited the hack as a continuation of its ongoing Anti-Security (AntiSec) campaign, indicating the attacks would continue into the New Year.
"But wait! That's not all folks. 0h hell n0. Tomorrow, we will be dropping another enormous dump on our next target: the entire customer database from an online military and law enforcement supply store. Bring the pain? Shit, we brought the motherf**kin' ruckus." read the Pastebin statement. "[M]ore #LulzXmas coming soon... #ExpectIt #Anonymous #CanIhazRootz," read AnonymousIRC's follow-up tweet.
The new cyber attack follows-up Anonymous' previous campaign against Monsanto. The collective had previously targeted the biotech firm twice, mounting cyber attacks in July and November 2011. The attacks were reportedly done to protest the company's dubious past -- Monsanto was one of the company's listed as providing the U.S. government with Agent Orange during the Vietnam war.