Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

You May Rue Your Cheating Heart: Ashley Madison Breached

July 21, 2015

It's hard not to have a grudging admiration for Ashley Madison's tagline: "Life is short. Have an affair." They clearly know their target audience and they found the perfect "hook" to get them to join the extramarital dating site.

We've been hearing about Ashley Madison for quite a while. Even divorce attorneys were recommending it to clients. I won't get into the ethics of a lawyer helping a client to cheat . . . With over 37 million members, a lot of straying lovers/spouses put their faith in Ashley Madison protecting their privacy.

So it was hard to suppress a giggle when the morning news came on yesterday with the news that Ashley Madison had been breached. The Washington Post reported that Avid Life Media Inc., which owns the site, confirmed the breach.

It is as yet unclear how much data may be available online. I have yet to see a report that anyone has seen the actual data even though the breach has been confirmed. It appears thus far that the hackers are primarily interested in having the sites taken down for moral reasons.

Yesterday the company said it would offer all users the ability to fully delete their personal information from the site — an option that was previously only available for a fee. This also elicited a chortle – hasn't the horse already galloped from the barn?

Supposedly, according to Avid Life Media Inc., those who had paid previously for deletion were not caught up in the hack – forgive me if I remain skeptical about that.

Security reporter Brian Krebs reported that the "The Impact Team" also had breached other sites owned by the company, including Cougar Life, which appeals to “single moms and sexy singles looking for a young Stud,” and Established Men, which promises to connect “young, beautiful women with successful men.”

The Impact Team is also skeptical about the full deletions of those who have paid previously and claims that user details, including names and addresses from their credit card deletion transactions, are not actually scrubbed. Krebs reported that “The Impact Team” is threatening to expose all customer records unless Avid Life Media takes AshleyMadison and Established Men offline “permanently in all forms.”

Holding data hostage for moral reasons is certainly a new concept. I'll bet there are a lot of panicked cheaters out there. My friend and colleague Ben Schorr suggested that we all buy stock in FTD and Zales. Pretty crafty Ben.

E-mail:    Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
http://www.senseient.com
http://twitter.com/sharonnelsonesq
www.linkedin.com/in/sharondnelson