Online dating services have been around since shortly after the conception of the Internet, slowly evolving into what they are today: one of the most popular forms of matchmaking in the United States. The Internet has enabled people from all walks of life to find love, from gaming geeks to people who want gluten-free partners. Unfortunately, however, some people just aren’t happy with what they’ve found. With special thanks to the invention of sites like Ashley Madison, these individuals no longer have to go out to bars or shady motels to two-time their significant other; they can do it from the comfort of their homes.
Billed as a service for people who felt dragged down from their commitment, Ashley Madison heavily advertised itself in the media with the tagline “life is short, have an affair”. Not only did the site have millions of members (something they proudly announced as a selling point), they went so far as to guarantee that you would find that other ‘special someone’ in your life. Never trust a guarantee when it comes to digital security.
What Could Possibly Go Wrong?
In July and August, 2015, the scandalous business made headlines after it was revealed that a group of self proclaimed hacktivists known as “The Impact Team”, had successfully breached the Ashley Madison website and bypassed the digital security therein. The Impact Team had seized many gigabytes of company e-mails and member’s personal information; including names, home addresses, e-mail addresses, and credit card information. The group threatened to post this sensitive information if Ashley Madison and its parent group, Avid Life Media, did not cease operations. Avid Life Media snubbed the hacker’s requests, and soon after, the personal information of millions of users was released for the world to see.
Naturally, a media frenzy followed, and the company went into damage control. As if things weren’t going bad enough for the folks at Avid Life Media, it was soon revealed that the site offered users the option to “delete” their accounts for a fee – the ultimate way to cover-up your shady dealings. However, Ashley Madison did not delete the information of the users who paid the fee, the information was simply hidden from view on the website. Because of this lapse in digital security, The Impact Team was able to expose the private, personal information of thousands of individuals – an ironic breach of trust. In an interview with Motherboard, The Impact team stated, “We didn’t blackmail users. Avid Life Media blackmailed them.” A somewhat innocuous statement made by the hackers, yet true nonetheless.
Despite the rapid fall of Ashley Madison, there was still money to be made for the industrious few that understood the panic that can arise from a breach in digital security. Several online services, such as ashley.cynic.al and Trustify popped up allowing users to see if their e-mail or other information had been released in the hack. Shady private investigators and other “hackers” even offered their services to cover up the information released in the digital security breach – for a fee, of course. Much like the claims by Ashley Madison that the website was secure and anonymous, many of these claims turned out to be bogus.
What To Learn About Digital Security from the Ashley Madison Leak
Folks, there are a few lessons to be learned here. The biggest and most important is one that we’ve discussed before: Trust, but verify. Taking a company at their word in the cyber age is never a safe bet – when it comes to your personal, private information, there are steps that should be taken to ensure your own digital security.
- Firstly, don’t assume a website is secure simply because the advertisements say so. Security is serious business, and Avid Life Media learned the hard way that it should never be taken fro granted.
Even though the passwords on this site were encrypted, the algorithm used was cracked with a piece of free software using a dictionary attack. Not exactly the level of security you’d want protecting your personal and financial details.
- Never assume that your data has been wiped. Anonymity is a modern-day unicorn – much harder to find in reality, and even more difficult to obtain. Perhaps the Ashley Madison Leak will show many individuals the true risk of trusting your privacy to somebody else
At the time of this writing, The Impact Team’s participants have not been identified, with the group vowing to attack other institutions it sees as morally degraded or corrupt. Here it is, a few months later, and the world is still reeling. With this group and many others threatening such attacks, people should be thinking more about how secure their private information really is online, and how much they are willing to trust other people safekeeping it. If this breach, and those of the 2014 Year of Mega Breaches has shown the world anything, it is that digital security is nothing to take lightly. Hopefully, this attack will serve as a nasty wake up call to anyone that thinks privacy and security are given in the digital world.
What do you think? Do you agree with me? Do you want to talk hackers and digital security? Drop a comment below – We would love to hear from you!
For more info about Hackers and their ilk, check out our HackerAttacker blog!