Skip to Content

Threat Sheet—Saturday, August 22, 2015

Welcome to the Cyber Saturday edition of Data Sheet! Dominating the news this week: Ashley Madison’s hacked data, and the fallout thereof.

Fortune reporter Robert Hackett here, filling in for your regular host, Heather Clancy. I’ll be covering Data Sheet duties through next week as well.

Have feedback? Reach me on Twitter (@rhhackett) or via email robert.hackett@fortune.com. Or if you have a real juicy tip, let’s chat off-the-record through a messaging service like Cryptocat or Jabber. You can find me at rhhackett@jabber.ccc.de, fingerprint: F225E829 13846232 0709A43A 1ECB83D3 BDDFF6A7. (We can always use good old-fashioned PGP encryption, too.)

TOP INTELLIGENCE

Indiscreet connections. This week the group of hackers who breached the extramarital affairs website Ashley Madison made good on its threat. The group, which calls itself “Impact Team,” posted three massive caches of stolen data to the dark web—everything from user account information to website source code to executive emails.

While many people must now feel the urge to sift through the trove in search of evidence of any particular person’s infidelity, it’s still extremely important to remember that even if a certain email address appears, it’s not a closed case. Anyone could have easily signed up someone else for an account without that person’s knowledge. Confirmation, in this case, is not verification.

THREATS

Ashley Madison data dump no. 1. The first leak of stolen data, which occurred on Tuesday, mostly contains customer details: names, email addresses, partial credit card information, sexual preferences—even GPS location data. (Wired)

Ashley Madison data dump no. 2. The hackers posted their second leak on Thursday, and it mostly contains source code for parent company Avid Life Media websites. One file seemed to suggest that the emails of CEO Noel Biderman would be revealed, too. That file, however, was corrupted. (Fortune, Verge)

Ashley Madison data dump no. 3. The third leak went live on Friday, and this one does expose the email correspondence of Avid Life Media CEO Noel Biderman. (Vice Motherboard)

 

ACCESS GRANTED

Fortune contributor S. Kumar on how the Ashley Madison hack hurts everyone, not just cheaters.

“Companies such as Amazon and Walmart undoubtedly spend a lot of money to keep their users’ preferences hidden from prying eyes. But presumably so did Ashley Madison, although reports indicate that the company knew of possible security concerns before the breach but failed to act on them in time. The lesson here is that if a site that depends on discretion and security for its success can be hacked, so can many others. This can severely limit choice for consumers and hurt their ability to buy and sell legal goods freely on the Internet.” Read more on Fortune.com.

RECON

Early notes on the Ashley Madison hack. (Awl)

The Ashley Madison hack ruined my life. (CNN Money)

My wife found my email in the Ashley Madison database. (Atavist)

Ashley Madison hack shatters any illusion of tech privacy at work. (Fortune)

Ashley Madison hackers speak out: ‘Nobody was watching’ (Vice Motherboard)

An Ashley Madison recession? Or an Ashley Madison stimulus? (New York Times)

Family values activist Josh Duggar had a paid Ashley Madison account. (Gawker)

Extortionists target Ashley Madison users. (Krebs on Security)

Sam and Nia Star speaks out on Ashley Madison account: ‘My wife has forgiven me’. (People)

Ashley Madison hack exposes (wait for it) a lousy business. (Wired)

How to search the Ashley Madison leak. (Washington Post)

The puritanical glee over the Ashley Madison hack. (Intercept)

The Ashley Madison hack should be a wake-up call. (Economist)

 

TREATS

Slackbots. The chat app is infested—in a great way. (Wired)

Let’s take a spin. In a Tesla. (Fortune)

Neuron discoverer. Read his long lost dream journal. (Nautilus)

Future TV. The boob tube in 5 years. (Medium)

A love potion. Using big data (Huffington Post)

 

EXFIL

“Avid Life Media is like a drug dealer abusing addicts.”

Ashley Madison hackers, corresponding via encrypted email with Vice Motherboard in justification of their attack. The group says it may target duplicitous companies and corrupt politicians next.