Official Email Communications

• 3/22/12
• 3/18/12
• 3/6/12
• 3/2/12
• 3/1/12
• 2/29/12
• 2/27/12
• 2/7/12
• 2/3/12
• 1/18/12
• 1/12/12
• 1/11/12
• 1/6/12
• 12/29/11
• 12/28/11
• 12/25/11
• 12/25/11

 

3/22/12

Reclaim your subscriber account now, so you can start getting the reports you want!
Note: We experienced a high volume of site traffic Tuesday morning, which prevented some subscribers from accessing our website. We have resolved the issue, and you can now follow these steps to securely reclaim your subscriber account:

1. Visit Stratfor.com and click on "Reclaim My Account"
2. Enter the email address you have on file with us
3. You will receive an email with a temporary password and further instructions

Your Security
We have rebuilt our entire website and infrastructure with subscriber privacy and security as our main focus. We have partnered with a highly respected Internet security company, as well as a PCI-compliant merchant, to ensure our systems and your information remain safe and secure.

 

3/18/12

It's time to reclaim your subscriber account!
Follow these steps:

1. Visit Stratfor.com and click on "Reclaim My Account"
2. Enter the email address you have on file with us
3. You will receive an email with a temporary PIN and further instructions

Your security: There will be no emailed links or attachments in this process. You can confirm all official emailed communications at Stratfor.com/welcome-back
Questions? Contact feedback@stratfor.com or (512) 744-4300 ext 2

 

3/6/12

We're just a few days off from the launch of our new site!
Soon you'll be able to re-establish your subscriber account. That means you'll be able to customize your email settings, and have more control over which reports you receive.

These are the steps you'll follow on our secure website:

• Request a temporary password
• Create a new password
• Update your billing information
• Set up your email preferences
• Begin receiving customized reports

We'll send you an email as soon as we launch. After that, be sure to reclaim your account as soon as possible so that you can start getting the reports you want!

Your security: There will be no emailed links or attachments in this process. You can confirm all official emailed communications at Stratfor.com/welcome-back
Questions? Contact feedback@stratfor.com or (512) 744-4300 ext 2

 

3/2/12

—Don't forget to view this important message by visiting Stratfor.com

Soon you'll be able to re-establish your subscriber account. That means you'll be able to customize your email settings, and have more control over which reports you receive.

These are the steps you'll follow on our secure website:

• Request a temporary password
• Create a new password
• Update your billing information
• Set up your email preferences
• Begin receiving customized reports

We'll send you more details in the coming days, and let you know as soon as we launch.

Your security: There will be no emailed links or attachments in this process. You can confirm all official emailed communications at Stratfor.com/welcome-back
Questions? Contact feedback@stratfor.com or (512) 744-4300 ext 2

 

3/1/12

This email was sent to Massachusetts residents only in accordance with a state law.

March 1, 2012

Dear Stratfor Member:

As a follow-up to our previous notifications to you regarding the breach of security that occurred in late 2011, we are herby informing you that under Massachusetts law, you have the right to obtain any police report filed in regard to this incident. If you are the victim of identity theft, you also have the right to file a police report and obtain a copy of it.

Massachusetts law also allows consumers to place a security freeze on their credit reports. A security freeze prohibits a credit reporting agency from releasing any information from a consumer’s credit report without written authorization. However, please be aware that placing a security freeze on your credit report may delay, interfere with, or prevent the timely approval of any requests you make for new loans, credit mortgages, employment, housing or other services.

If you have been a victim of identity theft, and you provide the credit reporting agency with a valid police report, it cannot charge you to place, lift or remove a security freeze. In all other cases, a credit reporting agency may charge you up to $5.00 each to place, temporarily lift, or permanently remove a security freeze.

To place a security freeze on your credit report, you must send a written request to each of the three major consumer reporting agencies: Equifax (www.equifax.com); Experian (www.experian.com); and TransUnion (www.transunion.com) by regular, certified or overnight mail at the addresses below:

Equifax Security Freeze
P.O. Box 105788
Atlanta, GA 30348

Experian Security Freeze
P.O. Box 9554
Allen, TX 75013

Trans Union Security Freeze
Fraud Victim Assistance Department
P.O. Box 6790
Fullerton, CA 92834

In order to request a security freeze, you will need to provide the following information:

1. your full name (including middle initial as well as Jr., Sr., II, III, etc.);
2. social security number;
3. date of birth;
4. if you have moved in the past five (5) years, provide the addresses where you have lived over the prior five (5) years;
5. proof of current address such as a current utility bill or telephone bill;
6. a legible photocopy of a government issued identification card (state driver’s license or ID card, military identification, etc.)
7. if you are a victim of identity theft, include a copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft;
8. if you are not a victim of identity theft, include payment by check, money order, or credit card (Visa, MasterCard, American Express or Discover only). Do not send cash through the mail.

The credit reporting agencies have three (3) business days after receiving your request to place a security freeze on your credit report. The credit bureaus must also send written confirmation to you within five (5) business days and provide you with a unique personal identification number (PIN) or password, or both that can be used by you to authorize the removal or lifting of the security freeze.

To lift the security freeze in order to allow a specific entity or individual access to your credit report, you must call or send a written request to the credit reporting agencies by mail and include proper identification (name, address, and social security number) and the PIN number or password provided to you when you placed the security freeze as well as the identities of those entities or individuals you would like to receive your credit report or the specific period of time you want the credit report available. The credit reporting agencies have three (3) business days after receiving your request to lift the security freeze for those identified entities or for the specified period of time.

To remove the security freeze, you must send a written request to each of the three credit bureaus by mail and include proper identification (name, address, and social security number) and the PIN number or password provided to you when you placed the security freeze. The credit bureaus have three (3) business days after receiving your request to remove the security freeze.

If you should have any further questions, please visit our website, stratfor.com or contact Stratfor at 877-978-7284 ext 8001.

Sincerely,

George Friedman
Founder & CEO of Stratfor

You are receiving this communication from Stratfor pursuant to M.G.L. c. 93H and because our records show that you are a resident of the Commonwealth of Massachusetts. This communication is being sent for notification purposes only.

 

2/29/12

 

Stratfor founder George Friedman details the upcoming steps in our return to business, including instructions on reclaiming your subscriber account and the reinstallation of restricted access to the website.

Your security: We are not sending you any links or attachments via email. You can confirm all official emailed communications at Stratfor.com/welcome-back
Questions? Contact feedback@stratfor.com or (512) 744-4300 ext 2

Transcript:
I’m George Friedman, founder and CEO of Stratfor. Since the security breach I've made a few videos, mostly about problems. So I'm especially glad to make one today about solutions.

In the next couple of weeks, you'll be able to access our archives, set your email preferences and use Stratfor as you did before. Essentially, we will be fully back in business, and as a result we will be reaching out to you soon with instructions on reclaiming your subscriber account.

We will walk you through the process of establishing new password and account information -- all of which will be stored in a highly secure environment. We will also resume emailing analysis directly to you based on your preferences, and restore your exclusive access to the website. Our Customer Service team will be standing by to help you during this quick, easy and secure reintegration process.

We've done this in a little over two months. It took some time to rebuild our infrastructure, and we remained committed to doing everything in our power to make sure there is never a repeat of what happened. We did it as fast as we could, without cutting corners. I want to assure you again that our number one priority is to protect your privacy.

We'll also be relaunching our e-commerce capability. All transactions are being handled by an outside firm -- a well-established, highly reputable company that uses advanced encryption and other tools to protect sensitive data, including credit card information.

To be clear: We no longer store any credit card information on Stratfor servers.

We are also not naive. As we return to normal operations, we know that the hackers may continue to attack us in other ways, specifically with spam emails meant to create confusion and chaos. Unfortunately, this is part of the new reality in which we operate. As we have previously warned, please be mindful of any fake emails with bogus web links or attachments. If you have any question about the validity of a communication, contact us at feedback@stratfor.com or look for the email on our website.

As always, we appreciate the loyalty and support that you have expressed, and I personally pledge to bring you the analysis you want in the most secure and convenient way possible.

 

2/27/12

2/7/12

Dear Stratfor Subscriber,

I wanted to warn you that individuals continue to send out false communications that appear to be from Stratfor. These spam emails may contain malware and attachments, and may attempt to lead you to websites that look like our own. They may also attempt to convince you to provide your private information.

In an effort to guard against the dangers posed by these false emails, I have decided to implement a no-link policy with our subscribers for the time being. We will continue to send you emails -- status updates as well as analysis reports -- but we will not include any links in those emails. And we will never include attachments.

We will continue to post copies of all official email communications about the security breach and our website status on Stratfor.com. You can find them by typing Stratfor.com into your browser, and clicking on the green "Latest Subscriber Info" button. We are working on a secure way for you to change your email address with us, which will eradicate this problem. Please bear with us.

Be assured: Our website -- Stratfor.com -- is the most secure place for you to interact with us. You can visit us by typing Stratfor.com into your browser.

I sincerely apologize for the inconvenience and frustration this situation has caused our loyal subscribers and friends.

As always, if you have any comments or questions, please contact feedback@stratfor.com.

Best,
George Friedman

2/3/12

Dear Stratfor Subscriber,

We continue to work aggressively to build secure data systems and fully restore our services. You should currently be getting 2-3 emails a day from us with analysis as well as links to more intelligence content.

Within the next couple of weeks, we will be able to begin re-establishing your subscriber account. You'll then be able to create a new password, update your account information, and configure your email settings. Next week, you'll receive a video of George Friedman describing more details on the process and our approach.

We can't thank you enough for your patience as we work to rebuild our website and infrastructure with enhanced security.

As always, if you have any comments or questions, please contact feedback@stratfor.com. You can also visit www.stratfor.com/hacking-news to check for status updates.

Best,
The Stratfor Team

1/18/12

Dear Stratfor Reader,

Stratfor VP of Intelligence Fred Burton discusses these security tips. This is just a quick reminder that you can find all official Stratfor information regarding the recent hacking incident on www.stratfor.com/hacking-news. You can also visit that site to confirm all official Stratfor emails on the matter, and view information on the only Stratfor-approved identity protection service -- CSID.

Here are a few security precautions you can take:

• Always use strong, unique passwords.
• Beware of email communications from unknown parties, including anyone who offers privacy protection or other solicitations. We've been made aware of emailed solicitation attempts on our subscribers by unknown parties.
• Never open attachments from suspicious emails or provide personal information to unknown parties via email or over the phone.
• Take advantage of the CSID identity protection service we've provided.
• Check your credit reports periodically.

If you have further comments or questions, contact feedback@stratfor.com.

Best,
The Stratfor Team
 

1/12/12

Dear Stratfor Member,

As you know, our new site experienced several service interruptions yesterday due to heavy traffic. We apologize for the inconvenience, and have now increased our capacity.

Many of you have let us know you are ready to get back to business. We have been working nonstop to rebuild our infrastructure and fully restore our member services.

Our first priority is to make our reports available to you, our members. Therefore, until we can securely set up your new account, you will be able to access all reports on site without logging in.

The following will be our general process for reinstating services:

• We aren't at full capacity for emailing our reports, but can email limited numbers of reports. We understand that emails are an essential part of our service and are working to recover this capability. All reports are available on site.
• In the near future, we will begin informing members how to create a new password to access stratfor.com securely.
• You will then be able to log in to our site for full access, and, as before, non-members will only be able to access limited free content.
• After we set up a new, secure e-commerce platform, you will be able to update your account information, including billing.
• We will begin emailing articles and updates according to your email preferences.

We will do our very best to make up for this great inconvenience with you, our loyal subscribers. If you have further comments or questions, contact feedback@stratfor.com.

Best,
The Stratfor Team
 

1/11/12

Dear Stratfor Member,

We are happy to announce that our website is back online. Visit Stratfor.com to view our 2012 Annual Forecast, as well as fresh analyses on Syria, Iraq and Lithuania and our Geopolitical Diary.

Below you will find a special edition of the Geopolitical Weekly by George Friedman on Stratfor's security breach.

We may experience brief service interruptions as we work to handle the high level of interest in the new website. If you have trouble connecting to the new site, please check back again soon.

While we continue to rebuild our infrastructure and website capabilities, you will be able to access our content online without having to log in. We are aggressively implementing our plan to reintegrate customers securely, as this is our top priority. In the next several days, we will be informing you about how to establish a new password and update your billing information. In the meantime, visit our website to read fresh content every day.

We deeply regret that an unauthorized party illegally obtained and disclosed the credit card data of some of you. We are making certain that this will never happen again by having a third party with appropriate security safeguards handle all credit card transactions in the future. We hope that you have taken advantage of the CSID identity protection service we have provided.

We understand that you have many questions. Check out www.stratfor.com/hacking-news, a website we've created to give you a full rundown of the incident and our plan to address your concerns.

Please contact us at feedback@stratfor.com with any questions, as well as any comments you may have on the Geopolitical Weekly below.

Thank you again for your patience as we work to secure our website and resume normal operations.
- The Stratfor Team
 

1/6/12

To verify the validity of this communication from Stratfor, please view this video of our VP of Intelligence, Fred Burton, which references and authenticates this email.

Dear Stratfor Reader,

While addressing matters related to the breach of Stratfor’s data systems, the company has been made aware of false and misleading communications that have circulated within recent days. Specifically, there is a fraudulent email that appears to come from George.Friedman[at]Stratfor.com.

I want to assure everyone that this is not my email address and that any communication from this address is not from me. I also want to assure everyone that Stratfor would never ask customers and friends to provide personal information through the type of attachment that was part of the email at issue. This email, and all similar ones, are false and attempt to prey on the privacy concerns of customers and friends. We strongly discourage you from opening such attachments. We deeply regret the inconvenience this latest development has created.

While Stratfor works to reestablish its data systems and web presence, we ask everyone to please look for official communications, such as this one, and to monitor the Stratfor Facebook page and Twitter feed for company-approved communications.

Thank you for your patience.

Please direct any questions and concerns to feedback@stratfor.com.

Sincerely,

George Friedman
 

12/29/11

Here's a joint announcement we made today together with CSID, a leading provider of identity protection solutions. As you may know, we've arranged for our paid subscribers to receive one year of identity protection from CSID. More details below.

http://www.csid.com/news/stratfor-moves-to-assist-customers-victimized-by-security-breach/
Stratfor Moves to Assist Customers Victimized by Security Breach | CSID
www.csid.com
CSID is a leading provider of global, enterprise-level identity protection and fraud detection technologies and solutions.

12/28/11

Dear readers,

As you may have heard, an unauthorized party illegally obtained and disclosed personally identifiable information and related credit card data of some of our members.

We deeply regret that this event has occurred, and we are working to prevent it from happening again.

Our highest concern is the impact that this has had on you, our loyal members and friends.

As a result and at our expense, we have taken measures to provide our members whose personally identifiable information may have been compromised with access to CSID, a leading provider of global identity protection and fraud detection solutions and technologies.

We have arranged to provide one year of CSID’s coverage to you at no cost. Members, please take advantage of this service.

Here’s a video featuring Stratfor’s VP of Intelligence, Fred Burton, discussing our members’ CSID coverage.  Watch Video

Should you have any questions regarding the coverage or the sign up process, please contact CSID’s Identity Care Center at the phone numbers listed below, 24-hours a day, 7-days a week, or e-mail support@csid.com.

As part of our ongoing investigation, we have also decided to delay the launching of our website until a thorough review and adjustment by outside experts can be completed.

We expect this to take approximately a week, but it might take longer – please bear with us as we recover from this unfortunate event.

In the meantime, we will not be deterred from doing what we do best: providing our customers with top-notch geopolitical analysis.

Therefore, while our website is being tested we will be sending geopolitical analysis to our members via email. If you do not wish to have our analytical content emailed to you, please contact us at feedback@stratfor.com and we will remove you from that distribution list.

Please also use this email address to let us know your thoughts about this situation.

We want to hear from you.

To say we wish this hadn’t happened is a massive understatement.

As I have stated in prior emails to you, I sincerely apologize for these unfortunate events. Our investigation and coordination with law enforcement is ongoing, and we will continue to update you as more details become available.

Sincerely,

George Friedman

12/25/11

On December 24th an unauthorized party disclosed personally identifiable information and related credit card data of some of our members. We have reason to believe that your personal and credit card data could have been included in the information that was illegally
obtained and disclosed.

Also publicly released was a list of our members which the unauthorized party claimed to be Stratfor's "private clients." Contrary to this assertion the disclosure was merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications.

We have also retained the services of a leading identity theft protection and monitoring service on behalf of the Stratfor members that have been impacted by these events. Details regarding the services to be provided will be forwarded in a subsequent email that is to be delivered to the impacted members no later than Wednesday, December 28th.

In the interim, precautions that can be taken by you to minimize and prevent the misuse of information which may have been disclosed include the following:

- contact your financial institution and inform them of this incident;
- if you see any unauthorized activity on your accounts promptly notify your financial institution;
- submit a complaint with the Federal Trade Commission ("FTC") by calling 1-877-ID-THEFT (1-877- 438-4338) or online at https://www.ftccomplaintassistant.gov/; and
- contact the three U.S. credit reporting agencies: Equifax (http://www.equifax.com/ or (800) 685-1111), Experian (http://www.experian.com/ or (888) 397-3742), and TransUnion (http://www.transunion.com/ or (800) 888-4213), to obtain a free credit report from each.

Even if you do not find any suspicious activity on your initial credit reports, the FTC recommends that you check your credit reports periodically. Checking your credit reports can help you spot problems and address them quickly.

To ease any concerns you may have about your personal information going forward, we have also retained an experienced outside consultant that specializes in such security matters to bolster our existing efforts on these issues as we work to better serve you. We are on top of the situation and will continue to be vigilant in our implementation of the
latest, and most comprehensive, data security measures.

We are also working to restore access to our website and continuing to work closely with law enforcement regarding these matters. We will continue to update you regarding the status of these matters.

Again, my sincerest apologies for this unfortunate incident.

Sincerely,

George Friedman

12/25/11

We have learned that Stratfor's web site was hacked by an unauthorized party. As a result of this incident the operation of Stratfor's servers and email have been suspended.

We have reason to believe that the names of our corporate subscribers have been posted on other web sites. We are diligently investigating the extent to which subscriber information may have been obtained.

Stratfor and I take this incident very seriously. Stratfor's relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me. We are working closely with law enforcement in their investigation and will assist them with the identification of the individual(s) who are responsible.

Although we are still learning more and the law enforcement investigation is active and ongoing, we wanted to provide you with notice of this incident as quickly as possible. We will keep you updated regarding these matters.

Sincerely,

George Friedman