Ashley Madison database suggests paid-delete option left identifiable data intact

The hacked infidelity site Ashley Madison apparently retained enough personal data about users to identify them to spouses – as the site’s hackers have claimed – despite offering a paid-for “full delete” service, which charged users £15 or $20 to remove all their information.On the database of Ashley Madison accounts, which was posted online by the hackers on Wednesday, accounts that had been wiped by the dating service had their real name, username, email and profile information removed as promised. But the company seems to have retained the date of birth, city, state, post- or zip code, country, gender, ethnicity, weight, height, body type and whether the user smokes or drinks – providing enough information to reveal a user’s identity.
http://www.theguardian.com/technology/2015/aug/19/ashley-madisons-paid-delete-option-left-data-identifying-users-post-claimsAshley Madison: hackers release 10GB database of 33m accounts
Hackers have released what appear to be sensitive and confidential details of 33m user accounts on the infidelity site Ashley Madison, including names, addresses, emails and information about their sexual preferences. The data from the website, whose tagline is “Life is short. Have an affair”, was released by hackers from the Impact Team cybergroup, and took the form of a 10GB database on the “dark web” that could be accessed through a specialised web browser called Tor.One coder then created a site for internet users where it was possible to enter a specific email address to see if that matched a customer record, potentially allowing spouses to check whether their partners had an account on the controversial site.
http://www.theguardian.com/technology/2015/aug/19/ashley-madison-hackers-release-10gb-database-of-33m-infidelity-site-accountsWas the Ashley Madison Database Leaked?
Many news sites and blogs are reporting that the data stolen last month from 37 million users of AshleyMadison.com — a site that facilitates cheating and extramarital affairs — has finally been posted online for the world to see. In the past 48 hours, several huge dumps of data claiming to be the actual AshleyMadison database have turned up online. But there are precious few details in them that would allow one to verify these claims, and the company itself says it so far sees no indication that the files are legitimate.
http://krebsonsecurity.com/2015/08/was-the-ashley-madison-database-leaked/What’s in the Ashley Madison dump?
It appears that hackers have released 10 gigabytes of data stolen from Ashley Madison, a dating website for married people.Hackers claim to have distributed the personal information on 33 million accounts via the dark web and it is now being pored over by security researchers, among others.Many, including security expert Brian Krebs, believe the dump is genuine.
http://www.bbc.com/news/technology-33986228ID Thieves, Blackmailers Have Lots To Gain In Ashley Madison Breach
Unlike the perpetrators of the Sony and Hacking Team doxing attacks, who uploaded stolen data to Pastebin, the attackers who compromised online hook-up site Ashley Madison dumped data on the dark web — which is only accessible via the Tor anonymization network. The dark web is someplace the average Internet user never goes, but a great deal of criminal activity takes place there, including child exploitation and assassins for hire.Could this mean that the Ashley Madison attackers were deliberately trying to put the stolen data in the hands of people who would use it for blackmail? Robert Hansen, VP of WhiteHat Labs for WhiteHat Security doesn’t think so.
http://www.darkreading.com/attacks-breaches/id-thieves-blackmailers-have-lots-to-gain-in-ashley-madison-breach/d/d-id/1321830

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.