Hackers will go where the data resides, and there is perhaps no “juicier” website than the infamous Ashley Madison website that facilitates extra-marital relationships for nearly 40 million people. Owned by the Avid Life Media group, the Ashley Madison website is part of a family of similarly-minded websites including Couger Life and Established Men. The breach was allegedly perpetrated by a group known as the Impact Team, and according to their posted manifesto, the attack was in response to alleged corporate malfeasance on ALM’s part – not, as many might think, in response to the encouragement of cheating spouses. Impact Team alleges that the program promoted by ALM called “full delete” does not in fact do what it promises: for a fee, members can request their profiles be completely erased from ALM records. The supposed “hacktivists” are threatening to post online all the data they’ve stolen from ALM unless their demands are met: take Ashley Madison and Estalished Men offline permanently.
What this means for you:
Personally identifiable information aside, getting outed for having an account on an adultery website is really “sensitive” data, no question. Though it shouldn’t hurt your employment prospects in theory – employers can’t discriminate based upon marital status (or fidelity for that matter) because that category of information falls under protected status, it can definitely wreck a marriage, and theoretically your finances from that point on. Assuming Impact Team plans to release all the data they’ve stolen, someone will undoubtedly turn it into a searchable database, and even the most trusting of spouses would be hard tempted to not have a peek. So on top of having your identity stolen, you could also lose the love and trust of a spouse, friends and family. I’m pretty sure the latter is worse than the former.
Despite ALM’s vague promises to remove confidential data as it appears, once data is on the internet, you can never take it down. It’s clear that ALM has no plans to accede to any of Impact Team’s demands, and even if the hackers don’t make good on their threats to publish, it’s still highly likely that trove of info will get sold or stolen and consequently published and used. So what do you do if you happen to have an entry in ALM’s database? It’s too late to take advantage of their “full delete” service-if it ever worked in the first place! If you haven’t already done so, getting some form of credit watch service lined up is a good idea, and changing your passwords is a solid first step. Next, I’d recommend seeking advice from qualified professionals in the areas you’ll most likely be living through from here on out.