HBGary Hack In Depth
Udo Schmitz writes "Heise's UK site has the English translation of an article from the latest issue of their magazine c't about Anonymous's HBGary hack. It shows that there was much more involved than just social engineering to get passwords, and how anonymous evolved following OpTunisia and OpEgypt."
HBGary's systems were just riddled with security holes. From URL parameters that weren't scrubbed to straight MD5 password hashing to using the same password for several (and possibly many) accounts on different systems (servers, email, Twitter, LinkedIn, etc). I'm sure glad something as important as our government didn't use their security services. Oh, wait ... D'oh!
The first step of being anonymous would be to not sign your name at the end of a post...