Bad guys hacked bad guys. Hmmm, whose side should we take?
Ashleymadison.com got hacked. This site helps and suggests married people cheat. The hack threatens millions of users, potentially revealing their credit card information, addresses, real names, pictures and content of their chat logs.
This dating site has 37 million users and is owned by Avid Life Media. Their other sites, Established Men and Cougar Life, were also hacked.
The hackers responsible call themselves The Impact Team. They object strongly to Ashleymadison.com and had threatened to release all the hacked data unless the site closed down.
The Impact Team is especially unnerved over the site’s Full Delete service that supposedly wipes clean a customer’s profile and everything associated for $19. The Impact Team alleges that Ashleymadison.com took the money but did not delete, retaining clients’ credit card information, names and addresses.
The site denies the claims and is offering the deletion service for free. It’s also fighting to get the millions of personal data pieces removed from cyber space. If it’s already been exposed… too late.
Sounds like some spuses are going to get the frying pan for sure.
The Hacking Team might sell all this personal data for a lot of dough, but that’s a rumor. Either way, the customers are surely shaking in their boots.
A similar thing happened with another site called Adult Friend Finder. Recently, the sex life of its nearly four million users was revealed—purchased underground for $16,800.
What do these recent hacking incidents teach us? Not to cheat? Well, maybe, but more so that you risk a lot by putting your identity and other sensitive information online. Online services cannot guarantee protection from hackers. Maybe Ashleymadison.com’s customers should have used a virtual credit card number, but that wouldn’t have kept other sensitive information concealed.
Had this site used encryption, the hackers would have seen nothing but a bunch of garbled characters: zero value. But most sites don’t use encryption. And when they do, it’s often crackable.
Some sites, like Ashley Madison, have a privacy flaw: If someone knows your e-mail, they can find out if you’re registered with the site because its password reset requires only the e-mail.
If you don’t want anyone to know you have an account with a site, then create an e-mail just for that site. But that’s only one small thing you can do. Your private information may still get hacked into and revealed to the world.
Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.