View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
August 19, 2015

Ashley Madison Hack: 5 experts measure the (in)fidelity of the data dump

Hackers delivered on their promise.

By Ellie Burns

Hackers have delivered on their promise to post data stolen from cheating site AshleyMadison.com, dumping 9.7 gigabytes worth of data onto the dark web.

Account details, logins, names, addresses and emails are reportedly part of the dump, with payment transaction details going back to 2007 also posted.

The data dump could contain details belonging to any one of Ashley Madison’s 32 million users, though it has been highlighted how a number of the details seem to originate from fake accounts.

Impact Team claimed responsibility for last month’s hack on the infidelity website, demanding that Avid Life Media, the parent company of AshleyMadison.com and sister site Established Men, take down the two sites.

The hack has divided popular opinion, with some feeling that the cheaters got what they deserved, while others regarded the breach of privacy, regardless of ethics, as criminal and illegal.

CBR has followed up on our original reaction piece with the security experts giving their take on the fallout from the data dump.

1. We shouldn’t be surprised

Dr Chenxi Wang, VP of Cloud Security & Strategy at CipherCloud, said:

Content from our partners
How to turn the evidence hackers leave behind against them
Why food manufacturers must pursue greater visibility and agility
How to define an empowered chief data officer

They [the customers] could have been spared if Ashley Madison had done the tough but right thing. But maybe we should not be surprised – trust is not the strong suit for a company that makes its money by encouraging people to lie and cheat."

2. Sick & twisted

George Anderson, director at Webroot, said:

"There is a desire to hurt people here and that’s sick as well as being criminal. Whilst readers’ morals may conflict either seeing this group of hackers as good or bad guys, the fact remains that the Impact Team illegally obtained sensitive personal info.

"I’d imagine the fall-out is divorces, firings and blackmail – really personally malicious and upsetting stuff."

3. The bluff that backfired

luke Brown, Vice President & GM, Europe Middle East Africa India & Latam at Digital Guardian, said:

"If ALM were trying to call The Impact Team’s bluff then it seems to have backfired pretty spectacularly. While the data has only been released on the dark web for now, it will inevitably find its way into more mainstream channels over time, resulting in very public naming and shaming for Ashley Madison’s members.

"Perhaps even more embarrassing for ALM and Ashley Madison is the disclosure of the fact that a significant proportion of users on the site are fake, bringing into question the credibility of the website as a whole."

4. Remember Grandma’s coffee table

Corey Nachreiner, CTO at WatchGuard, said:

"It is a reminder that cyber criminals may be hacktivists with social agendas who want to disrupt day-to-day business or organised criminal groups going after your customers’ financial or personal data – or in this case, both. At the route of these exploits, I am reminded of the advice I regularly give to kids.

"At a very basic level, do not put anything online you wouldn’t be happy to see on the front page of news on your grandmother’s coffee table. The internet is forever, no matter who you trust with your data."

5. The biggest cyber heist in history?

Blue coat, who previously predicted that the Ashley Madison breach will have a long tail last month, said:

"Now that more than 9 gigabytes of data has been released, they may begin to look at the financial value of a target to see if they will profit from the time spent building malware for the attack.

"This data is most likely to be amongst some of the most valuable data set compromised so far. If it is worth $100 to ‘go away’ and there are 37 million users, this could be one of the largest cyber heists in history."

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how New Statesman Media Group may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU