If you want to get someone’s attention, grab them by the balls. That seems to be the prevailing lesson from the furore surrounding the hacking of Ashley Madison, a dating web site dedicated to married people seeking to cheat on their spouses, which markets itself with the tag line: “Life is short. Have an affair”.
Security expert Brian Krebs broke the story on krebsonsecurity.com with Ashley Madison’s owner, Avid Life Media issuing a statement the following day admitting there had been an “unprovoked and criminal intrusion” into its customers’ information and confirming it was the “latest among many companies to have been attacked, despite investing in the latest privacy and security technologies”.
“The group responsible for the hack claims it has gained access to the web site’s database of more than 37 million members”
The group responsible for the hack, The Impact Team, claims it has gained access to the web site’s database of more than 37 million members and is threatening to “release all customer records, profiles with all the customers’ secret sexual fantasies, nude pictures, and conversations and matching credit card transactions, real names and addresses”.
The motive for the attack, according to The Impact Team, is a dispute over Ashley Madison’s claims that its “full delete” feature completely erases a member’s profile information for a fee of $19. The Impact Team claims that Ashley Madison retains credit card details, names and addresses online even if users pay for a full delete.
Nuclear option
Quite why this should prompt the hackers to adopt the nuclear option of forcing the total closure of the site in exchange for averting the public exposure of its members is hard to fathom. The attack follows a similar hack of another adult dating site, Adult FriendFinder, in March where details of 3.5 million people’s sexual preferences, fetishes and secrets were posted online.
Both hacks have served the purpose of focusing our attention on the issue of IT security (and other people’s sex lives) in a much more immediate and prurient way than similar stories involving security breaches at retailers. From a security vendor or partner’s point of view, this is a useful cautionary tale to include in the portfolio when it comes time to talk to customers about their security needs.
Exposure
In the meantime, those affected by the attack face the very real prospect of having their infidelity exposed for their spouses (and divorce lawyers) to see. Even if the information isn’t published, they could be left exposed to the threat of blackmail.
Many people will feel little or no sympathy for those who find themselves caught in this quandary. After all, if Ashley Madison members are prepared to cheat on their spouses, why should we care if they are exposed for being unfaithful?
‘Dirtbags’
The Impact Team certainly has no sympathy for the men on the site, describing them as “cheating dirtbags”. It warns that if Ashley Madison stays online, then “a significant percentage of the population is about to have a very bad day, including many rich and powerful people”.
If the information does get leaked, Ashley Madison might want to amend its tag line slightly to something like: “Life is short. Alimony is forever.”
Subscribers 0
Fans 0
Followers 0
Followers