On the day after Christmas, Anonymous dumped out 13,000 credit card numbers and account details for a host of popular websites, but an analysis of the package by security experts shows that most of the data has been available online for ages.
The dump was carried out "for the lulz," according to an Anonymous Twitter account. It contained passwords for Amazon, Walmart, and Hulu Plus, in addition to other software, dating, and pornography sites. Some credit card data was also included in the (now deleted) posting.
Ken Westin, senior security analyst at Tripwire, accessed the data dump, had a look over its contents, and says it appears as though there's nothing to worry about.
"I lot of this stuff goes back to 2011 and 2012 and nothing I could find in here was particularly new," Westin said in a call with The Register. "I'd also question the authenticity of this actually being Anonymous. It doesn't look like something they would do. Usually when they release data it's for a specific purpose, not just for no reason."
The bulk of the dumped data, he said, was account logins and passwords that were mostly obtained from a now-defunct website called Leakforums.net, where a number of accounts were often listed. The credit card details – purportedly from Ubisoft credit card numbers – are years old, he added.
So far, none of the companies whose data was listed have reported seeing any hacking activity on their servers related to the incident. ®