Email addresses and passwords belonging to British, US and NATO officials were posted online following the hacking of a US intelligence analysis firm over Christmas, the Guardian daily reported Monday.
Online “hacktivist” group Anonymous claimed via Twitter on Christmas Day that it had stolen a trove of emails and credit card information from Stratfor’s member subscribers.
According to analysis carried out for the Guardian by John Bumgarner, an expert in cyber-security at the US Cyber Consequences Unit, a research body in Washington, details of senior British intelligence officials and US defence staff were hacked.
In the US case, details of 173 individuals serving in Afghanistan were publicised, along with the personal details of former vice-president Dan Quayle and former secretary of state Henry Kissinger.
Some 221 British military officials and 242 NATO staff were also victims along with advisers to Britain’s Joint Intelligence Organisation, a body which reports sensitive information to Prime Minister David Cameron, Bumgarner found.
Around 19,000 email addresses belonging to US military personnel were also leaked.
Stratfor, which is based in Texas, specialises in foreign affairs and security issues.
The hacked spreadsheets contained email addresses and encrypted passwords of around 850,000 individuals who had subscribed to the consultancy’s website.
Over 75,000 subscribers also had their credit card numbers and addresses revealed, the Guardian reported.
Experts claim that the encrypted passwords could be cracked quickly using off-the-shelf software.
“We are aware that subscriber details for the Stratfor website have been published in the public domain,” a British government spokesman said.
“At present, there is no indication of any threat to UK government systems.”
The hackers said they were able to obtain the information in part because Stratfor did not encrypt it, which could prove a major source of embarrassment to the global intelligence firm.
Anonymous has been involved in scores of hacking exploits, including the recent defacing of a website of Syria’s Ministry of Defence to protest a bloody crackdown on anti-government protesters.
Last year, the shadowy group launched retaliatory attacks on companies perceived to be enemies of the anti-secrecy website WikiLeaks.