Threat Sheet—Saturday, August 22, 2015
Welcome to the Cyber Saturday edition of Data Sheet! Dominating the news this week: Ashley Madison’s hacked data, and the fallout thereof.
Fortune reporter Robert Hackett here, filling in for your regular host, Heather Clancy. I’ll be covering Data Sheet duties through next week as well.
Have feedback? Reach me on Twitter (@rhhackett) or via email email@example.com. Or if you have a real juicy tip, let’s chat off-the-record through a messaging service like Cryptocat or Jabber. You can find me at firstname.lastname@example.org, fingerprint: F225E829 13846232 0709A43A 1ECB83D3 BDDFF6A7. (We can always use good old-fashioned PGP encryption, too.)
Indiscreet connections. This week the group of hackers who breached the extramarital affairs website Ashley Madison made good on its threat. The group, which calls itself "Impact Team," posted three massive caches of stolen data to the dark web—everything from user account information to website source code to executive emails.
While many people must now feel the urge to sift through the trove in search of evidence of any particular person's infidelity, it's still extremely important to remember that even if a certain email address appears, it's not a closed case. Anyone could have easily signed up someone else for an account without that person's knowledge. Confirmation, in this case, is not verification.
Ashley Madison data dump no. 1. The first leak of stolen data, which occurred on Tuesday, mostly contains customer details: names, email addresses, partial credit card information, sexual preferences—even GPS location data. (Wired)
Ashley Madison data dump no. 2. The hackers posted their second leak on Thursday, and it mostly contains source code for parent company Avid Life Media websites. One file seemed to suggest that the emails of CEO Noel Biderman would be revealed, too. That file, however, was corrupted. (Fortune, Verge)
Ashley Madison data dump no. 3. The third leak went live on Friday, and this one does expose the email correspondence of Avid Life Media CEO Noel Biderman. (Vice Motherboard)
Fortune contributor S. Kumar on how the Ashley Madison hack hurts everyone, not just cheaters.
"Companies such as Amazon and Walmart undoubtedly spend a lot of money to keep their users’ preferences hidden from prying eyes. But presumably so did Ashley Madison, although reports indicate that the company knew of possible security concerns before the breach but failed to act on them in time. The lesson here is that if a site that depends on discretion and security for its success can be hacked, so can many others. This can severely limit choice for consumers and hurt their ability to buy and sell legal goods freely on the Internet." Read more on Fortune.com.
The Ashley Madison hack ruined my life. (CNN Money)
Ashley Madison hackers speak out: 'Nobody was watching' (Vice Motherboard)
An Ashley Madison recession? Or an Ashley Madison stimulus? (New York Times)
Extortionists target Ashley Madison users. (Krebs on Security)
How to search the Ashley Madison leak. (Washington Post)
Slackbots. The chat app is infested—in a great way. (Wired)
Let's take a spin. In a Tesla. (Fortune)
Neuron discoverer. Read his long lost dream journal. (Nautilus)
Future TV. The boob tube in 5 years. (Medium)
A love potion. Using big data (Huffington Post)
"Avid Life Media is like a drug dealer abusing addicts."
Ashley Madison hackers, corresponding via encrypted email with Vice Motherboard in justification of their attack. The group says it may target duplicitous companies and corrupt politicians next.