Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > wi.general > #1619

Hackers expose millions of Ashley Madison users, some using government email

From "Lolololol!" <lololol@divorces.com>
Subject Hackers expose millions of Ashley Madison users, some using government email
Message-ID <ab31a18afcaa350b4a5aba99f96a2530@dizum.com> (permalink)
Date 2015-08-26 08:12 +0200
Newsgroups wi.general, az.general, alt.fashion, can.motss, rec.arts.tv.news.oreilly-factor
Organization dizum.com - The Internet Problem Provider

Cross-posted to 5 groups.

Show all headers | View raw


Mysterious hackers known as the 'Impact Team' say they have 
exposed unfaithful partners across the world, posting what they 
said were the personal details of millions of people registered 
with cheating website Ashley Madison.

A message posted by the hackers alongside their massive trove 
accused Ashley Madison's owners of deceit and incompetence and 
said the company had refused to bow to their demands to close 
the site.

"Now everyone gets to see their data," the statement said.

Ashley Madison has long courted attention with its claim to be 
the Internet's leading facilitator of extramarital liaisons, 
boasting of having nearly 39 million members and that "thousands 
of cheating wives and cheating husbands sign up every day 
looking for an affair."

Its owner, Toronto-based Avid Life Media Inc., has previously 
acknowledged suffering an electronic break-in and said in a 
statement Tuesday it was investigating the hackers' claim. U.S. 
and Canadian law enforcement are involved in the probe, the 
company said.

The Associated Press wasn't immediately able to determine the 
authenticity of the leaked files, although many analysts who 
have scanned the data believe it is genuine.

TrustedSec Chief Executive Dave Kennedy said the information 
dump included full names, passwords, street addresses, credit 
card information and "an extensive amount of internal data." In 
a separate blog, Errata Security Chief Executive Rob Graham said 
the information released included details such as users' height, 
weight and GPS coordinates. He said men outnumbered women on the 
service five-to-one.

Avid Life Media declined to comment Wednesday beyond its 
statement. The hackers also didn't immediately return emails.

The prospect of millions of adulterous partners being publicly 
shamed drew widespread attention but the sheer size of the 
database — and the technical savvy needed to navigate it — means 
it's unlikely to lead to an immediate rush to divorce courts.

"Unless this Ashley Madison information becomes very easily 
accessible and searchable, I think it is unlikely that anyone 
but the most paranoid or suspecting spouses will bother to seek 
out this information," New York divorce attorney Michael DiFalco 
said in an email. "There are much simpler ways to confirm their 
suspicions."

Although Graham and others said many of the Ashley Madison 
profiles appeared to be bogus, it's clear the leak was huge. 
Troy Hunt, who runs a website that warns people when their 
private information is exposed online, said nearly 5,000 users 
had received alerts stemming from the breach.

Although many may have signed up out of curiosity and some have 
little more to fear than embarrassment, the consequences for 
others could reverberate beyond their marriages. The French leak 
monitoring firm CybelAngel said it counted 1,200 email addresses 
in the data dump with the .sa suffix, suggesting users were 
connected to Saudi Arabia, where adultery is punishable by death.

CybelAngel also said it counted some 15,000 .gov or .mil 
addresses in the dump, suggesting that American soldiers, 
sailors and government employees had opened themselves up to 
possible blackmail. Using a government email to register for an 
adultery website may seem foolish, but CybelAngel Vice President 
of Operations Damien Damuseau said there was a certain logic to 
it. Using a professional address, he said, keeps the messages 
out of personal accounts "where their partner might see them."

"It's not that dumb," Damuseau said.

How many of the people registered with Ashley Madison actually 
used the site to seek sex outside their marriage is an 
unresolved question. But whatever the final number, the breach 
is still a humbling moment for Ashley Madison, which had made 
discretion a key selling point. In a television interview last 
year, Chief Executive Noel Biderman described the company's 
servers as "kind of untouchable."

The hackers' motives aren't entirely clear, although they have 
accused Ashley Madison of creating fake female profiles and of 
keeping users' information on file even after they paid to have 
it deleted. In its statement, Avid Life Media accused the 
hackers of seeking to impose "a personal notion of virtue on all 
of society."

Graham, the security expert, had a simpler theory.

"In all probability, their motivation is that #1 it's fun, and 
#2 because they can," he wrote.

Thinking about accessing the data yourself? Think again.

“It certainly could be a crime to receive or possess [the stolen 
data],”ť said Joseph Fitzpatrick, spokesman for the U.S. 
Attorney’s office in Chicago. “Once you download or distribute 
hacked information without specific permission or a fair use 
license, you’ve exposed yourself to potential criminal liability 
under the Computer Fraud and Abuse Act. An individual who 
retweets or forwards a link to a website containing hacked 
information could potentially be viewed as an accessory to the 
hack after the fact.”ť

Many people won’t get that far.

“Even if you could download it, most people don’t have a 
computer big enough to open the file,”ť said Cameron Banga, co-
founder of 9magnets, a Valparaiso, Ind.-based mobile app 
developer.

http://www.chicagotribune.com/bluesky/technology/ct-ashley-
madison-leak-20150819-story.html

  

Back to wi.general | Previous | Next | Find similar | Unroll thread


Thread

Hackers expose millions of Ashley Madison users, some using government email "Lolololol!" <lololol@divorces.com> - 2015-08-26 08:12 +0200

csiph-web