Activist hacker group Anonymous has claimed to have stolen thousands of emails, passwords and sensitive credit card details from a US-based security think-tank, forcing it to suspend operations.
Promising it was just the start of a week-long Christmas-inspired assault on a long list of targets, the group said they were able to obtain the information because the Stratfor did not encrypt it.
The Austin-based company which provides independent analysis of international affairs and security threats, says it has now suspended the operation on its servers and email.
Stratfor's website was not functioning today. A banner read, "Site is currently undergoing maintenance. Please check back soon."
Stratfor's clients include the US defence department, law enforcement agencies and media organisations.
In a posting on the website Pastebin, hackers said they released Stratfor subscriber data, including information on 4,000 credit cards as well as the company's "private client" list.
Stratfor sent an e-mail to subscribers yesterday, confirming the cyber attack.
"On December 24th an unauthorised party disclosed personally identifiable information and related credit card data of some of our members. We have reason to believe that your personal and credit card data could have been included in the information that was illegally obtained and disclosed."
But Stratfor also said the "private clients" disclosure was "merely a list of some of the members that have purchased our publications and does not comprise a list of individuals or entities that have a relationship with Stratfor beyond their purchase of our subscription-based publications."
CNN quoted Stratfor CEO George Friedman saying that the company is working closely with law enforcement.
"Stratfor's relationship with its members and, in particular, the confidentiality of their subscriber information, are very important to Stratfor and me," he wrote on the firm's Facebook page.
"We have reason to believe that the names of our corporate subscribers have been posted on other web sites," the company said. "We are diligently investigating the extent to which subscriber information may have been obtained."
Anonymous has previously claimed responsibility for cyber attacks on financial institutions seen as enemies of the whistleblowing website WikiLeaks.
