Hammond is currently serving the remainder of a 10-year prison sentence in part for his role in one of the most high-profile cyberattacks of the early 21st century. His 2011 breach of Strategic Forecasting, Inc. (Stratfor) left tens of thousands of Americans vulnerable to identity theft and irrevocably damaged the Texas-based intelligence firm’s global reputation. He was also indicted for his role in the June 2011 hack of an Arizona state law enforcement agency’s computer servers.
Sealed court documents obtained by the Daily Dot and Motherboard, however, reveal that the attack was instigated and orchestrated not by Hammond, but by an informant, with the full knowledge of the Federal Bureau of Investigation (FBI). In addition to directly facilitating the breach, the FBI left Stratfor and its customers—which included defense contractors, police chiefs, and National Security Agency employees—vulnerable to future attacks and fraud, and it requested knowledge of the data theft to be withheld from affected customers. This decision would ultimately allow for millions of dollars in damages.
The FBI’s official version of the Stratfor hack, as reported by the New York Times, is that the bureau was made aware of the breach on Dec. 6, 2011, after hackers were already “knee-deep” in confidential files. The FBI claims Hammond informed hacker-turned-informant Hector Xavier Monsegur—also known by the online alias Sabu—of the vulnerability at Stratfor. In turn, the FBI immediately notified the intelligence company, though at that point it was already “too late.”
During his trial, Hammond claimed that the roles were actually reversed: It was Monsegur—released last week on time served—who first introduced him to an anonymous hacker, now known as Hyrriiya, who “supplied download links to the full credit card database as well as the initial vulnerability access point to Stratfor’s systems.” “I had never even heard of Stratfor until Sabu brought it to my attention,” Hammond said.