Especially when it happens just before one of the security industry's largest annual conferences, at which you have not only been invited to speak but have rented a booth and set up meetings with numerous executives of potential customers.
That was the situation facing Greg Hoglund, CEO of HBGary Inc. of Sacramento, at the start of this week's RSA security conference in San Francisco after a pro-WikiLeaks group of hackers calling themselves "Anonymous" posted tens of thousands of emails detailing, among other things, the fact that a spin-out company called HBGary Federal helped develop proposals to combat critics of Bank of America and the U.S. Chamber of Commerce through dirty tricks.
So it might have been a relief in some ways when someone scrawled on HBGary's display the message "Anon. is in it for the lulz," — with slang for laughs — giving Hoglund a safety rationale on Monday to pull out of the conference altogether. HBGary officials said they also got threats via fax and voice mail in recent days.
"Anonymous" uncovered the controversial sabotage proposals, which both Bank of America and the Chamber of Commerce repudiated and insisted they didn't see, after stealing tens of thousands of emails from HBGary and HBGary Federal as punishment for HBGary Federal CEO Aaron Barr's claiming to have identified top "Anonymous" members.
The emails showed that plans that included intimidating journalists were developed on behalf of a big Washington, D.C., law firm called Hunton and Williams by HBGary Federal along with Berico Technologies and Palantir Technologies of Palo Alto, a high-profile data analysis company co-founded by ex-PayPal CEO Peter Thiel. The companies hoped to get as much as $2 million a month from the Chamber of Commerce alone, the emails indicate.
HBGary Vice President of Services Jim Butterworth said Wednesday that "Anonymous" apparently gained access to an HBGary Federal data center in Colorado and then used stolen credentials to get into HBGary's Google account, where tens of thousands of emails were copied. He insisted the two companies operate separately, but could not say what their relationship is.
Butterworth insisted that HBGary's security technology was not compromised, and he said that so far clients have been supportive.
"Time will tell," he said.
As for Berico Technologies and Palantir Techologies, both have denounced HBGary Federal and vehemently sought to distance themselves from the offensive aspects of their joint proposals.
Palantir says it put a 26-year-old engineer on leave pending an investigation, though at least two other employees were involved, according to emails.
Palantir likely has good reason to worry about its image. Much of the company's work comes from government contracts with defense and police agencies.
Will the scandal hurt its brand, or blow over?
Time will tell.
