Slashdot Mirror

← Back to Stories (view on slashdot.org)

Affair Site Hackers Threaten Release of All User Data Unless It Closes

Posted by Soulskill on from the cards-on-the-table dept.

heretic108 writes: According to KrebsOnSecurity, the infamous Ashley Madison affairs hookup website has been hacked by a group calling itself The Impact Team. This group is demanding the immediate and permanent shutdown of Ashley Madison, as well as similar sites Cougar Life and Established Man, owned by the same company: Avid Life Media. If the sites aren't shut down, the hackers are threatening to publicly release personal data for 37 million users. ALM has confirmed that a hack took place, and the hackers posted snippets of account data, as well as bank and salary information from the company itself.

18 of 446 comments (clear)

  1. nothing new under the sun by FatdogHaiku · · Score: 4, Interesting

    People likely to have an affair will do so with or without a website...

    --
    You have the right to remain sentient. If you give up the right to remain sentient, you will be elected to public office
    1. Re:nothing new under the sun by fuzzyfuzzyfungus · · Score: 5, Interesting

      I would actually be interested to know what the logic is here: the hacker clearly doesn't like AM, or they wouldn't be spoiling their rumored-IPO quite this enthusiastically, they also don't like the users they are threatening to expose; but they also appear to be really bent out of shape about AM's allegedly-dishonest-and-exploitative 'pay to purge the embarrassing traces' feature.

      Anger about that feature would seem to be something more likely in some portion of the users, or among people who identify with the interests of the users; but this interested party displays only contempt for them; rather than viewing AM's attempt to squeeze them as an amusing and justified punishment.

      We obviously have no particular reason to trust their statement; but we do have to expect that they have a reason worth the legal exposure for doing this(especially since the dataset they are talking about would probably be worth a decent sum for sale to others looking for really juicy spearphishing targets ) rather than not attempting the hack at all or hacking but then staying quiet about it. My guess would be that it is more about attacking the site operator than about the users specifically; it is pretty common for at least a person or two to end up suitably embittered during the course of business.

    2. Re:nothing new under the sun by pastafazou · · Score: 5, Interesting

      It costs $15 and their data doesn't even get deleted...a scam that has netted $1.7M for ALM

    3. Re:nothing new under the sun by Charliemopps · · Score: 2, Interesting

      People likely to have an affair will do so with or without a website...

      The site delays the inevitable discovery by their spouse, thereby increasing the damaged caused by the dishonesty. Anything that destroys truth is evil. Period. This site and the people that use it are disgusting.

    4. Re:nothing new under the sun by Anonymous Coward · · Score: 5, Interesting

      I'd hazard a guess that one of the hackers on the team was mad that his wife had an affair using the site, so he got his hacking buddies together to take revenge.

    5. Re:nothing new under the sun by Fire_Wraith · · Score: 5, Interesting

      I'd hazard a guess that this is a disgruntled insider, based in part on the fact that they claimed knowledge of internal practices (charging for profile deletion, but then retaining the information anyway). It's certainly possible someone could find that out through other means (having paid to have it deleted, then having it found anyway), but insider access explains a lot of things.

    6. Re:nothing new under the sun by tibit · · Score: 3, Interesting

      If we wanted to swing or do it with other people, both me and my wife would simply sign up on AM or a similar site, with full knowledge of each other. Perhaps most people "cheat" without their spouses knowing about it? I thought the whole point of rational adults being married was that they talked and shit? Sigh.

      --
      A successful API design takes a mixture of software design and pedagogy.
    7. Re:nothing new under the sun by Registered+Coward+v2 · · Score: 3, Interesting

      I'd hazard a guess that this is a disgruntled insider, based in part on the fact that they claimed knowledge of internal practices (charging for profile deletion, but then retaining the information anyway). It's certainly possible someone could find that out through other means (having paid to have it deleted, then having it found anyway), but insider access explains a lot of things.

      I wonder if someone got laid off or feels screwed out of IPO shares? It would seem someone who had access to accounts might be able to grab the info, or at least enough to convince AM they have.

      --
      I'm a consultant - I convert gibberish into cash-flow.
    8. Re:nothing new under the sun by Registered+Coward+v2 · · Score: 4, Interesting

      It costs $15 and their data doesn't even get deleted...a scam that has netted $1.7M for ALM

      In that case, AM might be liable for damages if someone paid to have the information deleted and it turns out it wasn't and then later gets stolen and released causing damage to the account holder. IANAL, but it would seem they would have at least an expectation the data was deleted, paid a consideration for AM to take a certain action (deleting information) in exchange, failed to do so as promised and as a result some suffered damages. While there is probably some T&C fine print that attempts to absolve them of all responsibility I would argue they were negligent in not deleting the data and safeguarding their systems and thus still liable. Given they are looking at IPO money they would have deep pockets for a class action suit.

      --
      I'm a consultant - I convert gibberish into cash-flow.
    9. Re:nothing new under the sun by aynoknman · · Score: 4, Interesting

      People likely to have an affair will do so with or without a website...

      Your comment ignores the nature of temptation. These websites have a corrupting influence on those who are not likely to have an affair. They catch the idly curious and change "I wonder what it would be like?" to "That person is available to me." and tempt those who would not be inclined and push them to take action.

      --
      We need a "+1 -- nice sig" moderation.
    10. Re:nothing new under the sun by jandrese · · Score: 4, Interesting

      Another article I read on this had quotes from the AM CEO saying that he knew who did it and was looking at the guy's profile during the interview. We will see what comes of this.

      --

      I read the internet for the articles.
  2. Go ahead by 1_brown_mouse · · Score: 5, Interesting

    I get the feeling most of the profiles are fake anyway to pull in gullible males. Never give in to blackmail.

  3. Re:First thing I thought of by xxxJonBoyxxx · · Score: 4, Interesting

    >> this is a prime target for a hacking/blackmail scheme

    My first thought was that the entire point of the site was to BE a blackmail scheme.

  4. Re:First thing I thought of by dj245 · · Score: 5, Interesting

    The first thing that came to mind when I heard of this site is "This is a prime target for a hacking/blackmail scheme." The only surprise here is that it didn't happen sooner.

    As someone who has data in there (out of curiosity), it couldn't have happened to better people. The people that run AshleyMadison are worse than the lowest spammers. Not because they sanction marital cheating, but because they are exceedingly scammy in every aspect of the way they operate their business. They make Paypal and Stamps.com look like saints.

    --
    Even those who arrange and design shrubberies are under considerable economic stress at this period in history.
  5. Does this qualify... by Enter+the+Shoggoth · · Score: 4, Interesting

    ...as revenge porn?

    --
    Andy Warhol got it right / Everybody gets the limelight
    Andy Warhol got it wrong / Fifteen minutes is too long.
  6. Vigilantes of Morality by neghvar1 · · Score: 4, Interesting

    One immoral act to shutdown another immoral act

  7. Welcome to the new "criminal justice" by RogueWarrior65 · · Score: 5, Interesting

    Full disclosure: I'm not defending this company for what it does.
    For those of you who were tired of the old criminal justice system, be careful what you wish for. To these hackers and many other people, the fact that this company is not illegal in the eyes of the old criminal justice system is irrelevant. To these hackers, it is amoral. These hackers have decided unilaterally what morality is, who is guilty, and how punishment will be executed. Publicly destroying people and businesses that somehow offend somebody else is now the new normal. The old system of justice won't protect you anymore because even if the old system catches these hackers, the damage will be done and can't be undone.

    1. Re:Welcome to the new "criminal justice" by Fire_Wraith · · Score: 3, Interesting

      Moreover, I think of this in terms of the panopticon/total awareness paradigm. We are in no way used to living in a society where our every action is not only recorded, but monitored, to the point that we not only have no secrets, but that we can be punished for transgressions we might have otherwise gotten away from.

      Think about in the office. In times past your boss couldn't monitor you 100% of the day, and unless you really abused things, it was safe to spend a few extra minutes chatting at the water cooler about last night's TV. Now your computer can flag you the instant you step away for more than your allotted two minute bathroom break, and alert your boss.

      Or take speeding, for instance. While it's illegal, something like 99%+ of drivers are going to exceed the speed limit by 1 to 5 mph on any given day. Our speed limits are to a certain degree calculated with that in mind. Do we want to have our locations monitored 24/7 to calculate if we violated them?

      Personally, I don't think people should be cheating, but it's not my place to judge them, nor do I want to see it exposed like this.