: This story has been updated with a response from SpecialForces.com
The prolific hacking group Anonymous has launched the second wave of its holiday campaign of break-ins, entering SpecialForces.com and leaking thousands of confidential user details, including credit card numbers.
"Continuing the weeklong celebration of wreaking utter havoc on global financial systems, militaries, and government, we are announcing our next target: the online piggy supply store SpecialForces.com," Anonymous wrote in a Dec. 27 Pastebin post.
SpecialForces.com, based in Gardena, Calif., sells such equipment as handcuffs, nightsticks, tasers, knives, clothing and tactical gear to law enforcement agencies and the military.
In the same Pastebin post, Anonymous leaked roughly 14,000 passwords and 8,000 credit card numbers of SpecialForces.com customers. The hacking collective said it has had the data in its possession for months, and although SpecialForces.com encrypted its customers credit card numbers, the hackers were able to break into the retailer's servers and steal encryption keys.
Anonymous said the hack stems from the abuse suffered by Occupy protesters at the hands of law enforcement, notably by students at the University of California, Davis, who were methodically pepper-sprayed by campus police Lt. John Pike in November. The hackers said they went after SpecialForces because of whom it serves.
"Their customer base is comprised primarily of military and law enforcement-affiliated individuals, who have for too long enjoyed purchasing tactical combat equipment from their slick and 'professional'-looking website," Anonymous wrote. "What’s that, officer? You get a kick out of pepper-spraying peaceful protesters in public parks? You like to recreationally taser kids? You have a fetish for putting people in plastic zip ties?"
The hack comes just days after Anonymous infiltrated the prominent security think tank Stratfor and leaked thousands of credit card numbers from the firm's major clients.
The campaign, called "LulzXmas," isn't over, Anonymous says. "We’ll continue to have ourselves a merry LulzXmas at the expense of capitalist pigs, corrupt public officials and all those third parties who cater to the continued oligarchic elite worldwide. We are your secretaries, your janitors, your baby sitters, your IT guys, your bus drivers, your maids, your hard-working, driven and determined fellow humans."
UPDATE: In an email to SecurityNewsDaily, Dave Thomas from SpecialForces.com said his company's web servers were breached in August, and that Anonymous waited months to publicize the hack in order to keep itself in the spotlight following the Stratfor incident.
Thomas said the compromised customer credit cards "were from a backup of a previous version of the website that is over a year old. Most of the credit card numbers are expired, and we don't have any evidence of any credit card misuse at this time."
He said SpecialForces.com contacted affected customers, apprised them of the situation and urged them to change their passwords and monitor their credit card activity for any suspicious transactions.