Scam of the day – August 20, 2015 – Ashley Madison hackers release stolen information

Impact Team, the hackers who hacked into Avid Life Media, the company that owns and operates Ashley Madison, the dating site for married people seeking to have an affair, followed through with their threat and have released 9.7 gigabytes of the stolen data including email addresses, credit card transaction details, partial credit card numbers, addresses and even dating profiles.   Among the email addresses were 10,000 US military email addresses and hundreds of US government email addresses although it is important to note that the email addresses used to set up an account with Ashley Madison were not verified by Ashley Madison when accounts were set up so anyone could set up an account using someone else’s email address.  Ashley Madison is not the first dating website to be hacked and have sensitive information released to the public.  In May, Adult Friend Finder, was hacked and personal information of 3.5 million members was released to the public.   Ashley Madison claims to have 40 million users. Impact Team released the information on various  dark web website with the announcement copied below.  Although these dark web websites are encrypted and not generally available, it can be expected that the information will become public soon.

TIPS

One of the key lessons here is that your personal information is only as safe as the places with the weakest security that have your information.  It is for this reason that you should never leave your credit card on file for convenience with a website.  Enter it anew each time you make a purchase on Amazon or any other website that you may go to frequently.  As for Ashley Madison in particular, it is a good lesson to remember that you should never give information to any website that would be a source of embarrassment to you if it were to become public after a data breach.

Customers of Ashley Madison can go to a number of websites that have been recently set up to see if their personal information was among the information compromised.  Here is a link to one of them.   https://ashley.cynic.al/

Scam of the day – July 22, 2015 – Ashley Madison website hacked

Ashley Madison, the website for people seeking to have extra-marital affairs that uses the slogan, “Life is Short.  Have an affair” has been hacked by a group calling itself Impact Team.  Impact Team has already released a small amount of the information stolen and has threatened to publicly release all of the data it has stolen from Ashley Madison, which claims to have 37 million members.  According to Impact Team, the information it has includes names,  addresses, sexual interests and credit card details of Ashley Madison’s members as well as employee documents and emails.  In an interesting twist, Impact Team is not demanding ransom from Ashley Madison in return for not releasing the rest of the stolen information, but rather is demanding that Avid Life Media, the company that owns Ashley Madison permanently take Ashley Madison and another similar website it owns named Established Men offline.  Impact Team also took issue with a $19 charge that Ashley Madison charged its customers who wished to have their information deleted.  According to Impact Team, even after paying the charge, their information was not fully deleted.  In response, Ashley Madison says that they do delete the information and that they will now waive the fee.  Here is a link to Ashley Madison’s press release about the data breach and their new policy about deleting information.  http://media.ashleymadison.com/statement-from-avid-life-media-inc-july-20-1225pm/

TIPS

Perhaps the biggest takeaway from this matter as millions of Ashley Madison customers wait in fear that their affairs will be exposed is that your personal information is only as safe as the places that have your personal information with the worst security.  It also is obvious that the more places that have your personal information, the more at risk you are.  Therefore you should limit the places that have your personal information as much as possible.  In addition, you should not leave your credit card on record with a company for convenience sake even if it is one with which you do much business.  Unless you agree to have your credit card information saved, companies with which you use your credit card are not allowed to store that information.  People may also consider using aliases rather than their real names when doing business online.