An insider could have been behind the huge hack on infidelity dating site Ashley Madison.
News broke last month of a hack that saw customer data stolen from Ashley Madison – a hugely controversial site that allows married individuals to organise affairs. Now, with the site still operational but many users fearing the leak of this information, it has been claimed that the hack most probably came from within the company and not a third party.
Cyber security lecturer Dr Daniel Dresner explained: “Doors are opened up from someone on the inside. This might just be an excuse, but so many of the actual attacks we see are opened up by somebody [inside].”
Despite the site’s controversial offering, it wasn’t the infidelity that drove hackers to steal user data but instead its suspect business practices.
The so-called ‘Impact Team’ hacking group specifically highlighted Ashley Madison’s practice of charging users to delete their accounts. Furthermore, users were told that paying for this service would see all of their information removed from Ashley Madison’s servers – something the Impact Team argues isn’t true. To prove their point, the hackers claim they even have personal information (such as names, addresses, credit card information and even secret fantasies) from those who had previously requested account deletion.
Account deletions – too little too late?
As a short-term solution, the site’s owners (tagline: ‘Life is short, have an affair’) offered free account cancellations. It’s not been revealed how many people took up this offer, but with the data having already been stolen it matters little should this information see the light of day.
Several weeks after the hack, both parties were still engaged in an ongoing standoff. The hackers said they would keep the data to themselves if Ashley Madison owners, Avid Dating Life, closed down the site. Ashley Madison, however, is still live and boasting having 38 million members. If the standoff continues it will work in Ashley Madison’s favour, as those who tried to access this hacked data have found it increasingly difficult – if not impossible – to find. Instead, they are being served ads and religious propaganda.