News and analysis
December 28, 2011

Charities That May Have Benefited From Hacking Seek to Make Refunds

Two big charities, the American Red Cross and CARE, said they are investigating reports that computer hackers gave them gifts using credit-card information stolen from a global intelligence company—and they promised to help any victims of fraud get their money back.

“We’re happy to work with anyone to make sure they’re refunded,” said Melanie Pipkin, a spokeswoman for the Red Cross, which apparently received some of the fraudulent donations. She urged people to contact their credit-card companies first if they notice unauthorized charges.

The hackers—who say they have ties to Anonymous, a global network that has previously attacked a variety of corporate and government computer systems—posted personal information about thousands of clients of Strategic Forecasting or Stratfor, in Austin, Tex.

The hackers said they had used the credit-card data to make some charitable contributions and posted screen shots of receipts for donations to groups including the Red Cross and CARE.

One person who was identified in a receipt, Allen Barr, of Austin, told the Associated Press he discovered that $700 had been contributed from his account to groups including CARE, the Red Cross, and Save the Children.

Andisheh Nouraee, a CARE spokeswoman, said her group would “work with any Stratfor hacking victims who did not intend to give to CARE to assure they get reimbursed” but had no additional information about the thefts.

The Red Cross has not yet determined how many unauthorized gifts had come its way, Ms. Pipkin said. “We’re still looking into it,” she added. “Obviously there’s an uptick in donations anyway because it’s a big donor week.”

In a notice posted on Facebook, Stratfor acknowledged that “an unauthorized party disclosed personally identifiable information and related credit-card data of some of our members” and said it had hired an identity-theft protection and monitoring service to help affected clients.