The Ashley Madison Breach Isn't Just About Infidelity
The hacker group that stole user data from adult network Ashley Madison made good on their threat to expose the data. Almost a month after their initial threat, the hackers dumped almost 10GB of files on the deep web for anyone with a Tor browser to sift through.
Ashley Madison, the self-styled "cheating network" that provided a platform for married individuals interested in having an affair, boasts a user base of more than 30 million individuals, with premium paid services that had users submitting personally identifiable information, including payment accounts.
[More: When Hackers Expose Cheaters: Ashley Madison Hackers Threaten to Expose User Data]
The information revealed in Tuesday's data dump proved that the hackers weren't bluffing, and it seems they were correct when they called out the company's sketchy practices. According to the report by Wired, the files include account details and log-in credentials, names, street address and email addresses of around 32 million users, including credit card and payment transactions made as far back as seven years.1
The AM breach and the succeeding data dump has real-life implications that affect more than their clients' wallets or online accounts. At least a couple of sites have popped up that allow the public to search for email addresses of people who may have had an Ashley Madison account, and there have already been a number of stories made public regarding high-profile users.2 This incident is also unique mostly because of the hackers' motive: they weren't asking for money or have any political motivations, but demanded that ALM take down Ashley Madison and Established Men, another adult-oriented social network.
[From the Security Intelligence Blog: Ashley Madison: A Tale of Sex, Lies, and Data Breaches]
If you, or anyone you know, isn't involved in any way, that doesn't mean it shouldn't concern you. Infidelity or the ensuing humiliation isn't the issue here—it's about privacy. And while there are those who might contend that those with nothing to hide shouldn't have anything to worry about, it should be stressed that any kind of personal information—intimate or otherwise—should be protected and handled properly by those who are entrusted with user data, and by the users themselves.3
Data breaches are happening almost regularly now, and it has hit other industries. This incident is sensational mostly because of the sensitive nature of a controversial online service, but tomorrow, someone else is going to get breached, and it's going to be another blow to privacy.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Ransomware Spotlight: TargetCompany
- Email Threat Landscape Report: Cybercriminal Tactics, Techniques That Organizations Need to Know
- Preventing an Imminent Ransomware Attack With Early Detection and Investigation
- Inside the Halls of a Cybercrime Business
- Securing Cloud-Native Environments with Zero Trust: Real-World Attack Cases