UPDATE: #OpBank was not a real operation – or at the very least, there’s no indication it has been carried out as reported by media coverage elsewhere. Earlier today, @Gardenslayer tweeted:
#OpBank is NOT a real op, it’s a screening assignment for new @Gardenslayer writers. #BoA was NOT compromised.
Similarly, @DiscordiAnon tweeted:
@PeterHScrooby your article about #OpBank was a fake screening for our press release group @Gardenslayer
@anon2world added:
@DiscordiAnon @peterhscrooby @gardenslayer Peter, unfortunately it was a screening for PR – funny that u put it up tho.
“Funny” is not the word I’d use to describe Washington Examiner Examiner.com publishing an inaccurate news story that can negatively impact a firm’s reputation – even if I’m not a fan of the firm.
Some sources have suggested that the “Op” started here.
So far, I see no retraction, apology, or explanation on Washington Examiner Examiner.com
My original blog entry follows:
Yesterday, Peter Scrooby reported on #OpBank in a news story on Washington Examiner Examiner.com. After an initial “Anonymous says” preface, he went on to report on a hack of Bank of America as if it had actually occurred. I don’t know whether he did any digging into the story before he posted it, but here we are, a day later, and so far, I’ve seen no proof that the hack actually occurred.
Prior to yesterday, #OpBank had been mentioned in a Pastebin statement on December 19. In that statement, which did not seem to garner significant media attention, they wrote:
Therefore, we have come to start the dismantling of this terrifying threat by directing our actions to one of the major players in the financial world: the Bank of America (BoA). A few hours ago, #opBank managed to gain access to the servers of these money moguls and we are now in possession of every single bit that BoA has ever stored on their equipment. The data we have captured ranges from full credit card details and personal information to extensive digital histories of financial transactions. In other words: yes, we now own BoA.
To emphasize this latter fact just a little bit more, our members have also been able to modify BoA’s locally installed software so that it will now actually do what bankers have always neglected to do: apologize to the people. Be sorry. And give these people a well-deserved compensation for all the humiliation, violence and misery they have been forced to go through for so very long. #opBank wishes the lucky recipients a very merry christmas and a happy new year. And please make those billions count.
That same day, a statement clearly labelled as a Mock Press Release also appeared.
Yesterday, #OpBank issued two more statements. In one of them, they wrote that they have “released a database with all details of all customers. Credit card details, addresses, other personal information, loans, basically all info that BoA has on their customers.” No link was provided to any data dump, however, and if there is one, I haven’t been able to find it yet.
In a companion press release, also issued yesterday, they note again that
The collective managed to breach the security of the second largest bank holding company in the United States and gain acces to all of its clients information, including (but not limited to) their credit card details, personal information and their financial situation. Which have since been posted online in their totality.
But where are the data, if they have really acquired them? There have been no tweets with links and no press release with links to any data dump that I have been able to find.
Is this a case of Premature Press Release Syndrome or a hoax, or….?
There’s also no evidence that Brian Moynihan’s Facebook account was taken over (as of the time of this posting), which was one of the other claims in press releases.
Bank of America did not respond to two requests for a statement either confirming or denying the claimed hack by the time of this publication.
So if anyone has proof of hack, please provide a link. Or if I find any evidence, I’ll update this entry. For now, I’d just really like to know why the Washington Examiner Examiner.com published a story with a headline of “Anonymous Dumps Bank of America client credit card info in #OpBank” without posting any proof that that had happened.
CORRECTION: Thanks to a commenter who pointed out the site was Examiner.com and NOT The Washington Examiner. My apologies to the latter for my error.
Man, talk about walking around with a neon target painted on your chest in an avenue of snipers. In many other facets of life, from stockholders, clients and accounts this is can be contstrued as a major issue. Doing something like this can ruin peoples’ careers, and BoA may have an avenue for a major suit. That’s just peachy.
If you wish to inject utter chaos, this is the way to start it. Whomever started or suggested such a potential prank out to be awarded the moron of the month. That is – if it was a hoax and not an insider that works for the crew. All it takes is one person, and the right opportunity.
If they have insider information about a hack to a major financial institution and have not contacted the authorities, then they may be held liable. It may prove that their ethics and antics may be their demise – lets hope that news agency has great network security, otherwise they will probably become defaced by the crew, and all their dirty laundry will be flapping for all to see.
Toying with some ones’ reputation, whether they are supposedly good, bad or somewhere inbetween can bring you pain. And in this unstable economy, many that may become unemployed will definately feel the sting of their actions.
In light of all that, it’s surprising that BoA didn’t respond to two requests for a statement in response to
the Washington Examiner’sExaminer.com’s story. Had they simply sent me a denial, I would have published that yesterday instead of having to wait until this morning to update the entry. While the bank may have a legitimate gripe about the paper, they didn’t do themselves any favors by allowing the story to gather steam on Twitter without responding to it.It could be for a few reasons. BoA may consider it not worth investigating. They may want it to spin out of contral a bit, and have justification for a lawsuit. Or, worse case, the action actually occured and they are in the middle of an investigation. In any event, with little to no evidence on the table, it leans towards the inaccurate postings group. You can only ask; if they refuse to comment, one never truly knows what their reasons/intentions are, or the Pub Relations people may be in Tahiti sipping an iced drink.
In a “scenario” why would the rag mag paper need to use a real companys’ branded name? Don’t they have a high enough IQ to come up with a mock company name for a mock scenario ? Even if the name is close, its not the “real name”. If they did that one simple thing, there wouldn’t be something smoldering with thier name all over it.
I used to have a business account with BoA, and I personally was not impressed with their services. But overall, the security of the site was decent, adding additional controls to keep the site alittle more secure than others. Lets just hope the potential hack is a hoax, and that BoA legal team fires a warning shot over the bow, letting everyone know their stance. Somehow, I feel there is blood in the air over this one. = \
Just FYI – It wasn’t the Washington Examiner. The publication Scrooby writes for is Examiner.com, a network of sites with individual, independent “correspondents.” Examiner.com has no connection whatsoever with the Washington Examiner. My hunch is that writers for Examiner.com are compensated according to traffic levels, and thus have near-zero interest in revising/deleting inaccurate articles as long as they are dragging lots of hits.
Thanks so very much for pointing out my error, which I hope I’ve corrected now. And I would hope that Examiner.com can be as forthright about admitting their error as I try to be in admitting mine.
http://pastebin.com/GpVkJ9Uy Anonymous Press Release
Anyone can claim anything and say they’re “Anonymous.” If I submit a paste as Anonymous and claim that I’ve hacked the Department of Defense and gotten all their data and I add Anonymous’s standard sig block, are you going to report that as if it actually happened? I hope not.
Has Anonymous or Bank of America Confirmed or Denied it?
That’s a question that should have been asked BEFORE publishing, right? I sought confirmation and when I didn’t get it, I heavily qualified my coverage as a possible hoax. Why didn’t Examiner.com?
And as you can see on Twitter, a number of Anonymous-related accounts have since declared it a mock press release as part of a project to develop press release writers. All too many simply believed Examiner.com’s story and RT is as true when it wasn’t.
Who says they Official Anon twitter accounts or if they are only reporting what they read off your site? The examiner has a series of checks and balances in place. They have Editors and it has to be signed off on before the story before is published locally or nationally. Be nice see some result of your blog and to know weather or not it is true.
No, they’re not reporting what they read on my site. Go back to my original blog post where I expressed suspicion that this hack had not happened as claimed in the “press release.” I continued trying to confirm or disconfirm the claim and several sources contacted me on Twitter and via e-mail to tell me that it was not a real operation.
You seem to have things backwards. Your position seems to be, “Here’s an Anonymous claim. Can you prove it false?” I don’t have to prove it false. A journalist who reports it as true has to provide some evidence for HIS statement or at least report that there is no confirmation.
True, All I wanna know is if it happened. The fact that no one is talking bout it one way or another is odd. Another odd thing is that when i enter the term #OpBank in Google nothing comes up ????
What’s there to talk about if nothing happened other than a fake press release duping people?
Don’t you think that if there really was a hack, there would have been some data dumped by now when the first “press release” was Dec. 19? Wouldn’t customers be reporting getting apology notes or unsolicited money? Wouldn’t you see Moynihan’s account sending out fake messages prior to now?
The Examiner.com story may have hurt BoA with its investors and customers if they heard that there had been a major hack. If I was the journalist or publisher, I’d be retracting/correcting/apologizing like crazy by now.
So who is it up to? The Journalist or the Paper to apologize? I mean the writer runs with the story and puts the article together, and then the paper ( or Editor) looks it over and published it? ? No fact Check?
In the case of Examiner.com, aren’t the writers independent contractors? If you’re posing a legal question of liability, I don’t know because I’m not a lawyer. But as a blogger/citizen journalist who tries to report accurately and promptly corrects/apologizes when I goof, I would hope that the journalist would acknowledge a mistake or clarify if they discovered that their reporting was misleading or not supported by available facts.
This is the only Data i can find related to the Bank of America dump. http://pastebin.com/JLQ6zjxB
What makes you think that’s even related to it? Go back to what the claim was: “The collective managed to breach the security of the second largest bank holding company in the United States and gain acces to all of its clients information, including (but not limited to) their credit card details, personal information and their financial situation. Which have since been posted online in their totality.”
That paste looks more like a phishing thing or maybe the hack of a gaming server or something. It certainly doesn’t look like data from a hack of a U.S. bank and it certainly doesn’t contain any of the data that were supposedly “posted online in their totality.” And while anything’s possible, I’d be surprised if BoA was storing clear-text passwords for bank accounts.
I don’t know why you are having such a tough time accepting that maybe this never happened – or hasn’t happened yet — or hasn’t been revealed yet with a real press release. But I’m done wasting my time on this until I see something that looks credible.
Anonymous – Press Release #opBank
http://anoncentral.org/2012/01/anonymous-press-release-opbank/?utm_source=rss&utm_medium=rss&utm_campaign=anonymous-press-release-opbank
So what’s your point? That others were fooled, too? How many might have been fooled, in part, because a media site reported it as fact (“Anonymous Dumps…” ) without pointing out that there was no confirmation and without indicating any attempt to fact-check.
http://www.spj.org/ethicscode.asp
Just Like anyone on Twitter can say it was a fake press release?
*sigh* Burden of proof…. on you, not me. And it was marked as fake/mock back on December 19. And the people involved in creating the mock release have publicly taken responsibility for the fake release and said that it was untrue and that BoA was not hacked. So if you want to try to defend what I think was pretty poor journalism, go ahead and knock yourself out – but on your site, not mine.
although what the rag mag site might say is true, it probably was more of a ploy to sit on the examiners’ servers and draw hits. I search alot through a speciific search engine, and some of the strings I search forr, that are totally unrelated to any retail experience come up saying ” shop for YYYYY at Tar***.com.
So, this rag mag is probably going to post anything that can draw hits. So, if you put several top phrases into an article like hacks and a major bank, you are using two phrases that will bring more hits to the website. Once a search engine has crawled and indexed that topic, its fair game for people to click on it and get to the rag mag site.
All the trendy or Breaking News stories out there are avenues for hackers to get victims. Natural Disasters, Politics, Hollywood and more are all filled with bad links that can draw people in. I am sure some companies with less than decent morals will eventually use this tactic to draw people into their site, and offer a juicy topic which may be totally unrelated to what was searched for. If anything it is hits, and the negatively based page has done its job.
For breaking news, of any type for that matter, there isn’t a clear cut way to define whether the act has occurred or not. I am sure there are many journalist out there that are impatiently waiting for some sort of news to break and they knee jerk with the initial information that is probably at best, 50% reliable. But the story is out there, and eventually will be updated and either hyped up or downplayed.
I am sure this site has a good reputation, and an extremely ratio of accuracy of articles and a low rate of misfires. The article has been deemed a hoax, I hope it end that way and we can move on to another article. If some one has the time to sit on your site and rebuttal all day from work, they must be bored at the job. Don’t let anyone push your button and lose focus on what your true intent is. Let them go elsewhere and find thier thrills.
Yeah, I gotta get better at not getting drawn into these things as it does take time away from more productive things. Thanks for the gentle nudge. 🙂
And yes, my site is generally considered a reliable source of info for people interested in breaches. I’ve had to issue maybe half a dozen corrections in three years and over 5,000 blog entries. Most of those corrections were fairly minor but I think it’s important to set the record straight if I’ve provided inaccurate info.
If the Bank of America breach is a supposed hoax….why did I (a customer of Bank of America) receive a letter from them apologizing for a security breach along with new account numbers to “protect my security”???
I was told by customer service that the breach was large. Are they really proactive enough to change everyone’s account number over a breach that did not occur?