Group Tied To Anonymous Also Retrieved Salary & Financial Info On Bank Execs
A group with ties to the hacker group Anonymous as allegedly managed to gain access to an unsecured Bank of America server from one of it’s contractors in Israel. The group known as Par:AnoIA discovered 16 gigabytes of information that included memos and emails that show Bank of America actively spied on private citizens, Anonymous, active members of the Occupy movement, and critics of Bank of America. In their statement, Par:AnoIA states, “We release the received files in full to raise awareness to this issue and to send a signal to corporations and Governments that this is unacceptable.”
It appears that Par:AnoIA was able to get in through to the server by hacking into a Thomson Reuters subsidiary named Clear Forest that provides tools for data mining text and social media. The access to Bank of America’s information was located on an unsecured server in ClearForest’s offices outside of Tel Aviv. Par:AnoIA was able to hack into the source code for ClearForest’s proprietary data mining application, OneCalais that was also on an unsecured server.
In a statement, Par:AnoIA said:
Especially the last point is critical. The source of this release has confirmed that the data was not acquired by a hack but because it was stored on a misconfigured server and basically open for grabs. Even more alarming, the data was retrieved from an Israeli server in Tel Aviv – while ClearForest is based in Tel Aviv it remains unclear why this huge amount of data was stored insecurely on an open server.
Par:AnoIA also stated that they were able to access personnel information about the salaries of Bank of America executives and the executives from other financial institutions from around the world.
“As an unexpected bonus 4.8 Gigabyte of data containing detailed career and salary information of hundred of thousands of executives and employees from various corporations all around the world was found on the same server. The folder was named Bloomberg which could indicate that this data belongs to Bloomberg L.P. On the otherhand the entries are tagged with “reuterscompanycontent” which would point to Thomson Reuters. In any case: What is it was doing on the Israeli server is up to anyone’s guess.
This hack by Par:AnoIA shows how irresponsibly major financial institutions handle the data of their private information and that of their employees. If they handle the information of their employees this way, how hard is it for people to steal the information from credit card holders or deposit holders?
Although that isn’t troubling enough, what is more alarmingly is that Bank of America is funding operations that spy on it’s critics and average people.