Scam of the day – September 21, 2015 – Dangerous new development in Ashley Madison hacking

by | Sep 20, 2015 | Scam of the day, Site Related

By now everyone is aware of the major data breach at the Ashley Madison, the dating site for married people seeking to have an affair, in August the hackers followed through with their threat and released 9.7 gigabytes of the stolen data including email addresses, credit card transaction details, partial credit card numbers, addresses and even dating profiles.  Now a new and potentially dangerous development has been uncovered by the hacking group known as CynoSure Prime which discovered vulnerabilities in the password security algorithms used by Ashley Madison that put the passwords of 11.7 million users of Ashley Madison in danger of being hacked.  Ashley Madison switched over to a secure encryption program for protecting passwords in 2012, however, anyone who used Ashley Madison prior to June 14, 2012 continued to have their passwords protected by the weaker and more hackable security program used at that time.  Particularly, because many people use the same password for all of their accounts including online banking, those early users of Ashley Madison are in extreme danger of identity theft by hackers who can readily discover their passwords and use them to gain access to the online accounts of the early Ashley Madison users.

TIPS

The lesson here for early users of Ashley Madison is to change their passwords to all of their accounts as soon as possible.  The lesson to the rest of us is to remember that you should always have a distinct and unique password for each of your online accounts.  It should be a complex password so that it cannot be broken by simple brute force attacks that use millions of guessable combinations such as any word in the dictionary or such common passwords as 123456.  One good way to pick a complex password is to pick a phrase, such as “I Don’t like passwords” and turn it into the basis for a password by making it IDon’tLikePasswords.  This password is already complex in that it has words and a symbol.  Now add a couple of symbols at the end of the password so it may read IDon’tLikePasswords!!! and you have an easy to remember, but strong password.  Now you can just adapt it for each of your online accounts with a few letters to identify the account.  Thus, your Amazon password can be IDon’tLikePasswords!!!Ama and you have a strong, but easy to remember password.