Ashley Madison CEO Steps Down, Reporter Finds Clues To Hacker's Identity

← Back to Stories (view on slashdot.org)

Ashley Madison CEO Steps Down, Reporter Finds Clues To Hacker's Identity

Posted by Soulskill on Friday August 28, 2015 @06:48AM from the chickens-coming-home-to-roost dept.

Dave Knott writes: Following the recent hacks on the infidelity website Ashley Madison, Noel Biderman has stepped down as CEO of both AshleyMadison.com and its parent company. Avid Life Media Inc., the company that owns the site and many others, announced Biderman's move in a short press release on Friday: "Noel Biderman, in mutual agreement with the company, is stepping down as chief executive officer of Avid Life Media Inc. (ALM) and is no longer with the company. Until the appointment of a new CEO, the company will be led by the existing senior management team." Before the data hack, the company was planning an IPO in London that would have taken in as much as $200 million from investors. According to regulatory filings, the company had $115 million in revenue last year, more than four times the amount it obtained in 2009.

Meanwhile, in related news, Brian Krebs (the reporter who first uncovered the hack) says he has uncovered clues to the possible identity of the hacker. Krebs says he noticed the Twitter account operated by a known hacker recently posted a link to Ashley Madison's stolen proprietary source code before it was made public. Intrigued by the poster's apparent access, he examined the account's posting history and noticed a predilection for the music of Australian hard rock band AC/DC. This jibes with the behavior of the hacker(s), who had displayed threatening messages on the computers of Ashley Madison employees, accompanied by AC/DC song Thunderstruck. In a series of tweets, the owner of the account, one Thadeus Zu, appears to deny that he was behind the hack, and indeed makes several suggestions that the account itself isn't even run by one person, but is instead an amalgam of like-minded digital vigilantes. The NY Times also reports that people whose details were contained in the leak are beginning to face threats of blackmail.

5 of 215 comments (clear)

Min score:

Reason:

Sort:

He should be going to jail by Anonymous Coward · 2015-08-28 06:59 · Score: 5, Informative

He ran a fraud:
Almost None of the Women in the Ashley Madison Database Ever Used the Site

...
About two-thirds of the men, or 20.2 million of them, had checked the messages in their accounts at least once. But only 1,492 women had ever checked their messages.
...
... a member had last replied to a message from another person on Ashley Madison. 5.9 million men had done it, and only 9700 women had.
...
Out of 5.5 million female accounts, roughly zero percent had ever shown any kind of activity at all, after the day they were created.
...
1. Re:He should be going to jail by vux984 · 2015-08-28 10:38 · Score: 5, Insightful
  
  I imagine they had those bases covered with ToS language.
  
  A judge may not side with them just due to ToS. And A.M. misrepresented the facts pretty grossly here, and failed to live up to its obligations (paid delete).
  Canada is pretty pragmatic about contracts; and its pretty common to side with the "little guy" if the contract is deemed to be deliberately constructed to weasel out of what a reasonable person should think they were signing up for.
  
  There's also the fact that once a female made a response in that sort of environment, you'd probably have a date and be able to take it off the site,
  Even so... only 9700 accounts by women ever sent a single message. And we don't know how many of those 9700 sent only one and then vanished, or how many of them had been online in the last 3 years... the number of active women on the site could well have been in the middle HUNDREDS.
  
  As you pointed out, the numbers of women actually participating were overwhelmingly dwarfed by number of males, just as they are on most dating sites
  1) Were not talking overwhemlingly dwarfed. I consider 10 or 20 to 1 to be overwhelmingly dwared. We're talking thousands to 1, maybe even 10s of thousands to 1. You could spend your whole month sending female profiles messages without getting a response... not because the women weren't interested in you, but because you never actually sent it to an account a woman actually even used.
  Given that AM is charging you to send messages to these women (over and above "membership")... they are literally taking money so you can send a message to a fake account that no woman has ever used. Men may have to accept that not every message they send will be responded too, or even read, but to accept (without clear disclosure) that they have *vanishingly small odds* the messages they are paying to send will even be delivered to an account a real person even uses is beyond the pale. That's fraud.
  
  just as they are on most dating sites. Most of the money in those sites is getting males to stay interested enough to keep shelling out money.
  All that suggests is that fraud is probably pervasive in the industry and perhaps we should regulate these sites to disclose membership numbers, and for those numbers to be independently audited.
  So that consumers can make an informed buying decision.
  
  It's like ladies night at the bars.
  I can see pretty clearly whether or not there are any ladies at the bar. And its not terribly hard to tell if they are all hookers and hostesses paid by the bar itself to be there.
CEOs stepping down by Bovius · 2015-08-28 07:00 · Score: 5, Informative

Protip: The CEO stepping down after a public embarrassment has never been anything other than a publicity stunt to save face. It does not represent remorse or an intent to change policy. At most, it means "we want someone who will do continue to do the same things we've always done but, somehow, will magically make these revelations stop happening".
I would be shocked if Biderman wasn't receiving a nice golden parachute along with it. Or at least silver.
Re:That really narrows it down by tomhath · 2015-08-28 07:41 · Score: 5, Informative

When you only include people who had access to the source code before it was publicly available, the pool becomes quite small.
Re:Ironic by vux984 · 2015-08-28 07:45 · Score: 5, Informative

The guy who ran a website for cheaters was always open about that fact.
On the other hand he was less than honest about how many actual women were on the site. (Fewer than 15,000 vs millions of clearly fake profiles) and also less than honest about what a "paid delete" actually paid for.
So men paid money to join a site to cheat with women that didn't exist, were then charged extra to send messages to women's accounts that were fake, and then when they paid even more to delete their accounts, well that didn't happen either.
If that's your idea of honesty and transparency, I don't know what you think counts as "dishonest".