Alex Constantine - March 3, 2013
Hacktivist group says 14GB of data includes evidence that Bank of America engaged in an effort to "spy and collect information on private citizens."
In its latest salvo against the financial industry, Anonymous claims to have leaked sensitive information related to Bank of America executives and the company's alleged effort to "spy and collect information on private citizens."
Par:AnoIA, a group that identifies itself as the Anonymous Intelligence Agency, said in a press release (PDF) yesterday that it had released 14 gigabytes of data on hundreds of thousands of executives at companies around the world, including Bloomberg, Thomson Reuters, and TEKSystems, which the hackvisit collective claims was hired last year to spy on hackers and social activists.
The group says the data was not acquired during a hack but rather was retrieved from an unsecured server in Israel.
"The source of this release has confirmed that the data was not acquired by a hack but because it was stored on a misconfigured server and basically open for grabs," Par:AnoIA said. "Looking at the data it becomes clear that Bank of America, TEKSystems, and others (see origins of reports) gathered information on Anonymous and other activists' movement on various social-media platforms and public Internet Relay Chat (IRC) channels."
The documents leaked by Anonymous include "intelligence" reports allegedly compiled by TEKSystems on "daily cyber threats" from around the world and Internet activity related to the Occupy Wall Street movement.
The group said the data retrieved revealed research methodology that was "sloppy, random, and valueless."
"Apparently a keyword list was used to match for items of interest on IRC, Twitter, and other social media," the press release said. "While the list has over 10,000 entries, only 1,125 keywords seem to be genuine, the rest are simply Wikipedia references."
CNET has contacted Bank of America for comment and will update this report when we learn more.
The data dump comes three weeks after the U.S. Federal Reserve confirmed that one of its internal Web sites had been hacked, a breach that appears to have occurred around the same time that Anonymous published log-in and private information from more than 4,000 U.S. bank executive accounts.
Bank of America raised the ire of Anonymous in 2010 when it announced that it would no longer process payments for WikiLeaks. Earlier moves by MasterCard, Visa, and PayPal resulted in retaliatory cyberattacks by the hacker group.