Hector Monsegur (aka Sabu) Instigated Stratfor Attack
Hector Xavier Monsegur, the notorious hacker known as Sabu, exits the U.S. District Court for the Southern District of New York in Lower Manhattan following his sentencing May 27, 2014 Reuters

While under the supervision of the FBI, Hector Monsegur (aka Sabu) instigated an attack on the global intelligence gathering company Stratfor which saw 60,000 credit card number stolen as well as millions of highly sensitive emails which were later passed on to WikiLeaks and hacktivist group Anonymous.

Until now, it was believed that Jeremy Hammond, who is currently serving a 10-year sentence for his part in the Stratfor attack, had instigated the breach of the company's network - a company which counted defence contractors, NSA employees and police chiefs among its customers.

Now according to documents seen by the Daily Dot, it was in fact Monsegur and not Hammond who instigated the attack. The revelations mean questions will be asked about how the FBI could allow one of its informants to instigate an attack which led to the publication of 5 million private emails by Wikileaks.

The details of what happened come from thousands of previously unseen chat logs, surveillance photos, and government documents, all currently sealed under a protective order upheld by a federal judge in the Southern District of New York.

Monsegur had been working with the FBI since he was arrested on 6 June, 2011 having been identified as the hacker Sabu, a prominent member of Anonymous and its offshoot LulzSec, who carried out high profile attacks on company's like Sony and EA.

Walked free

After almost three years as an FBI informant, Monsegur last month walked free from a New York court room as a result of his "extraordinarily valuable and productive" cooperation with the agency.

In the official version of events, the FBI has always maintained that Monsegur was informed of the breach of Stratfor by Hammond.

The documents seen by the Daily Dot suggest otherwise.

Sabu and Hyrriiya Chat Logs re Stratfor
A chat log showing where Monsegur first learns about the Stratfor breach from Hyrriiya on 4 December, 2011. Daily Dot

The chat logs obtained by the website show that on 4 December 2011, Monsegur learned that Stratfor had been breached from another hacker called Hyrriiya, and requested access.

A day later, on 5 December, Hammond is informed by Monsegur on a private message of the breach.

The FBI claim that it was not aware of the Stratfor breach until 6 December, but considering it was keeping Sabu under 24-hour surveillance via key loggers and video cameras, it is highly unlikely that the agency didn't know about the security breach when Monsegur learned about it on 4 December.

Most wanted

At the time Hammond was the most wanted cyber criminal in the US and the agency may have seen a huge chance to capture their number one target.

At his trial last year, Hammond claimed that the course of events outlined in these chat logs is what happened, claiming he had been fed the information about Stratfor's security flaw by Monsegur and not the other way around, saying: "The FBI could have stopped me."

The question of whether the FBI engaged in entrapment may not arise however, as this would depend on the FBI having "tricked" Hammond into carrying out the attack on Stratfor, which seems clear wasn't the case.

The bigger question is why the FBI allowed the attack to take place on a company whose customers included defence contractors, police chiefs, and National Security Agency employees open to attack.