AshleyMadison.com, a website that has been accused of encouraging married couples to have an affair, said Monday that it has been hacked and user data has been stolen. You can read more about that here, http://krebsonsecurity.com/2015/07/online-cheating-site-ashleymadison-hacked/ . The risqué site claims to have 37 million members, and uses “Life is short. Have an affair” as their advertising slogan.
Although the site appears to have been compromised, no data has been leaked at this time. Barracuda Real Time Systems, whichdraws from the largest and most diverse installed base in the industry to detect early trends in email spam campaign and e-mail-borne threats, has not seen common Ashley Madison spam, which begs to question if their practices to promote their site via e-mail are as lewd as what their website promotes. Either Ashley Madison themselves are sending spam emails, or they are paying third parties to spam their target market.
However, the hackers, who call themselves the “Impact Team,” are threatening to release everything from user accounts, from sexual proclivities, to financial transactions if the website isn’t shut down.
This hack follows in the footsteps of the hack on the website, Adult Friend Finder, another “hook-up” site that claims to have roughly 64 million members, read more here about that, https://grahamcluley.com/2015/05/adultfriendfinder-database-download/.
There is a common misconception that once information is deleted from an online account, that that data is then gone forever. This idea couldn’t be more false. Once something is “deleted,” or “deactivated,” all of the information may still be stored. There are all types of reasons for this, however, in this instance it could be simply due to the convenience it allows if users have a change of heart and decide to log back in to a particular site. Unfortunately, in the event of a breach like this, there’s the possibility that data of past and present members have been compromised.
From your refrigerator to your car, anything connected to the internet is susceptible to an attack. We recommend investing in powerful multi-layered technology to keep your organization and data secure. In addition to investing in security technology, it’s important to remain as proactive as possible in your approach to security by taking the time to educate your workforce about how to identify and avoid web threats.