Welcome guest, please

Login with username, password and session length


 

News and Newsletter:

Click here to join the Charter Vanguard

Author Topic: The Ashley Madison Data Dump, Explained  (Read 3515 times)

The Ashley Madison Data Dump, Explained
« on: August 19, 2015, 09:18:59 PM »
I don't know why I am laughing. I disagree with the invasion of privacy and dumping people's data on the free web. But man I am waiting to see reports of those silly enough to use their work emails to sign up! :o


http://www.nytimes.com/2015/08/20/technology/the-ashley-madison-data-dump-explained.html?_r=0
The Ashley Madison Data Dump, Explained

By DANIEL VICTOR AUG. 19, 2015

The release of stolen data from Ashley Madison, a dating website marketed at would-be adulterers, promises to roil the marital lives of its members.

It has also underscored the troubling limitations of Internet privacy.

On Tuesday, hackers appeared to make good on a threat to release what they said was 9.7 gigabytes of account and credit card information from 37 million users of the site.

What information was released?

The data includes members’ names, user names, addresses, phone numbers and birth dates as well as details of credit card transactions. Member passwords are encrypted, but specific users could be easily targeted for decryption, according to Quartz.

Profiles filled out by users could also contain embarrassing information about their sexual preferences.

The breach also included users of Established Men, a separate site aimed at women looking to date rich men. Both sites are owned by Avid Life Media.

Cybersecurity experts are indicating that the data appears to be genuine, but that doesn’t mean all of the information is reliable.

Brian Krebs, a security researcher, said in a blog post that he spoke with three people who found their information and the last four digits of their credit card numbers in the database, suggesting they were indeed stolen from the company.

“I’m sure there are millions of AshleyMadison users who wish it weren’t so, but there is every indication this dump is the real deal,” Mr. Krebs wrote.

Even if the information was taken from Ashley Madison, it’s very likely much of it was falsified. The site doesn’t verify the information it gathers. A reporter at The Intercept — an unmarried woman in New York City — said a man in South Africa had used her email address to create an account.

Who released the information, and why?

A group of hackers calling themselves Impact Team posted a small portion of the data in July, and they threatened to release the rest unless the site was shut down.

The hackers said they were upset about Ashley Madison’s policy for deleting user data when requested. The company has long offered members the ability to scrub their profiles and information from the site for $19, a feature that BuzzFeed News said generated nearly $2 million in 2014. But, as the breach showed, the data remained.

“We have explained the fraud, deceit, and stupidity of A.L.M. and their members,” Impact Team wrote, referring to Avid Life Media. “Now everyone gets to see their data.”

How could I check who had an account?

A reminder: The information found in the data has not been verified.

But two different search tools have surfaced that claim to show whether an email address was used.

More than 15,000 email addresses in the breach were hosted on United States government and military servers, The Hill reported.

How has Avid Life Media responded?

The company is cooperating with law enforcement agencies in Canada and the United States to find the hackers. With a business that relies on the trust of its members now in turmoil, Ashley Madison has sharply denounced the hackers’ talk of principles.

“This event is not an act of hacktivism, it is an act of criminality,” it said in a statement. “It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities. The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society.”

After the initial breach, the company said it had adjusted its policy for deleting user data and was taking steps to delete the stolen data.

  • Talia
  • Administrator
  • Legendary Champion
  • *
  • Posts: 11773
  • Talia.7412
    • The Charter Vanguard
Re: The Ashley Madison Data Dump, Explained
« Reply #1 on: August 19, 2015, 10:03:16 PM »
No sin is hidden from God. This whole data dump thing is a good reminder not to mess with the sanctity of marriage.

Re: The Ashley Madison Data Dump, Explained
« Reply #2 on: August 20, 2015, 02:58:13 AM »
No sin is hidden from God. This whole data dump thing is a good reminder not to mess with the sanctity of marriage.

I read that those who have read through those files have found many NTU, NUS and even MOE email addresses. There was even someone who supposedly found a cpib.gov.sg. So very curious how many of these people there are!

Re: The Ashley Madison Data Dump, Explained
« Reply #3 on: August 20, 2015, 06:27:48 PM »
Hey!  slickwilly@clintonemail.com appears 30,000 times!  Now we know why Hillary had her server wiped ;D

  • Talia
  • Administrator
  • Legendary Champion
  • *
  • Posts: 11773
  • Talia.7412
    • The Charter Vanguard
Re: The Ashley Madison Data Dump, Explained
« Reply #4 on: August 20, 2015, 11:17:03 PM »
Hey!  slickwilly@clintonemail.com appears 30,000 times!  Now we know why Hillary had her server wiped ;D


Username: Slickwilly



« Last Edit: August 20, 2015, 11:37:29 PM by Talia »

Re: The Ashley Madison Data Dump, Explained
« Reply #5 on: August 27, 2015, 02:15:41 AM »
http://www.theaustralian.com.au/business/technology/is-this-the-ashley-madison-hacker/story-e6frgakx-1227501175725

Is this the Ashley Madison hacker?


    The Australian
    August 27, 2015 2:42PM



Fallout from the massive Ashley Madison hack is continuing, with new revelations that the hacker has been potentially identified and is actively tweeting about the attack.

As reported by The Wall Street Journal, security researcher Brian Krebs claims to be onto the trail of the hacker, who self-identifies online as Thadeus Zu, and could possibly be Australian.

At a press conference this week Toronto police said Ashley Madison employees first learned of the hack on July 12, when their office computers displayed a message from hackers and played “Thunderstruck.”

Mr Krebs said he has since found repeated references to AC/DC and the song in the Twitter feed of Thadeus Zu, who also appears to have intimate knowledge of the hack.

In one screen shot posted to the feed, the user appears to be listening to the song on YouTube as he prepares a “replica server so we can get that show started.”

On August 18, Wired magazine published a new link from the Ashley Madison hackers to files that listed individual users. But the Thadeus Zu account appeared to have access to the files the previous day.

“Time’s up,” the account tweeted on August 17, including a link to the hackers’ website announcing the data dump. About 10 minutes later, the account tweeted, “There is already one around sharing the link. We will wait it out for another 15 or 30 minutes before we share the link.”

Since then, the operator of the account appears to have been obsessed with news coverage of the Ashley Madison hack. He also refers to the Impact Team, the group claiming credit for the breach, and little-known details, including the password used in a 2012 hack of the Ashley Madison site.

The Thadeus Zu account, which follows The Australian on Twitter, follows 35 Twitter accounts, most of which are Australian news organisations.

According to Mr Krebs, the purported hacker makes constant references to his “Oz girl”, uses the greeting “cheers” and even talks about people visiting him in Australia.

Mr Krebs and others have been unable to contact the account operator.

Meanwhile it’s been revealed that almost none of the site’s members were women.

Gizmodo journalist Annalee Newlitz analysed the database and found that only 1,492 of women members on the database had ever checked their messages on the site, compared with more than 20 million men.

She also found only 2,409 of the women had ever used the site’s chat function, versus more than 11 million men, while only 9,700 women had ever responded to a message from another person on the site, compared with almost 6 million men.

And in a further development, Reuters is reporting that before the data leak a television show based on the adultery website was being shopped around Hollywood.

The series, to be called ‘Thank You Ashley Madison’, would focus on a divorced woman “who has a different vision for what marriage might look like in modern day,” according to OutEast Entertainment executive Courtney Hazlett.

“There’s a number of women in this position too, it’s not all about men, it’s a turning point in marriage,” she said.

Since last week’s hack, Hazlett said there’s been more interest in the project.

“When we started shopping this around, the first comment we were getting was ‘are you kidding me? That many people are using site?” But it’s definitely now not that,” she said.

Ashley Madison, the website for “married men and women” to pursue affairs and cheat on their spouse, was hacked last month by a group identifying itself as ­Impact Team.

The hackers gained access to personal data of millions of previously anonymous users, threatening to release it all unless parent company Avid Life Media took down the site and its sister enterprise Established Men.

Those sites remained active and Impact Team came good on its threat, releasing the information to the dark web, accessible only through special anonymous browsing software.

With The Wall Street Journal.