Positive: Professionalism , Quality , Responsiveness , Value You guys are exceptional very professional and understanding I would recommend your to anyone who needs help navigating the legal system
Denise Brown
2 years ago
Ashley Madison Affairs Site Had Been Hacked. The extra-marital affair website, Ashley Madison, announced in June 2015 that the site had been hacked and the data for millions of its users had been compromised. In today’s fast-paced, technology-focused environment, data privacy and security are significant priorities to consumers. Emerging compliance laws struggle to keep […]
Ashley Madison Affairs Site Had Been Hacked. The extra-marital affair website, Ashley Madison, announced in June 2015 that the site had been hacked and the data for millions of its users had been compromised.
In today’s fast-paced, technology-focused environment, data privacy and security are significant priorities to consumers. Emerging compliance laws struggle to keep up with newer business models and technologies; however, with a lack of resources devoted to cyber-security, the legal community points out that significant awards are a real potential for clients who have experienced what appears to be a trend involving issues over forged emails and counterfeit websites, attacks involving denial of service, system and privacy hacks, and unauthorized access issues.
Parker Waichman is investigating potential class action lawsuits on behalf of individuals and businesses that suffered a data breach with the Ashley Madison extra-marital dating site.
Regardless of the type of service offered by a website, “consumers must be confident that their data will be protected,” The New York Times writes.
The Ashley Madison dating website, which serves some 37 million married individuals who seek extramarital, adult affairs, made headlines in June 2015 when it announced it suffered a serious data breach; this, despite the fact that the operators of the site long hyped its data security prowess.
Anyone aged 18 or older may open an account at Ashley Madison. The site touts that it is the best site for affairs, promises discretion, and provides customers with the ability to use a pseudonym. The Ashley Madison tagline is: “Life’s too short. Have an affair” and the site is self-described as “the most famous name in infidelity and married dating.” The service has also long promised users that they may delete their profiles for $19 fee; however, the hackers argue that user information is never actually deleted. Ashley Madison insists that, when users scrub their accounts, all information is erased. Meanwhile, the site waived its deletion fee for all members following news of the hack, according to The New York Times.
Avid Life Media owns Ashley Madison as well as two other popular websites that were also breached: Cougar Life and Established Men, according to The Associated Press (AP). Avid Life Media indicates that it has 40 million members, worldwide.
In response to the breach at Ashley Madison, Bruce Schneier, chief technology officer for Resilient Systems, a security company, told The New York Times, “I think we’re going to see more of it as people see how effective it is.” In fact, data breaches make consumers increasingly susceptible to identity theft and leave significant personal information at serious risk, including:
The Ashley Madison site is attractive to blackmailers and hackers due to its large member databases and the nature of the site.
The group, which goes by the name “Impact Team,” took credit for the breach and indicated that it was displeased with Ashley Madison’s “full delete service,” according to CNN Money. The service promises a complete deletion of a user’s profile and all related data for a $19 fee.
One of Impact Team’s complaints was that the site did not delete Ashley Madison account data. Avid Life Media announced that it had adjusted its policy for deleting user data. “We immediately launched a thorough investigation,” the company told The New York Times, “utilizing leading forensics experts and other security professionals to determine the origin, nature and scope of this incident.”
The hackers expressed their disagreement with these promises and were quoted as writing, in a manifesto published by Brian Krebs, a reporter who covers online security that, “Full Delete netted $1.7 million in revenue in 2014. It’s also a complete lie…. Users almost always pay with credit card; their purchase details are not removed as promised, and include real names and address, which is of course the most important information the users want removed.” For its part, Avid Life Media defended its service and indicated that it would provide the full delete service free of charge, adding that it had hired “one of the world’s top IT security teams” to work on the breach; Avid Life Media did confirm that Impact Team might have obtained the personal information of millions of Ashley Madison’s members.
Impact Team threatened that Avid Life Media must shutter the website, or the Ashley Madison user data, which includes real names, passwords, and members’ financial transactions, would be released, The New York Times wrote.
While Ashley Madison maintains that once a user deletes an account, all related information is erased, Impact Team maintains that user information is not ever permanently erased. Security experts have said that this knowledge, in particular, points to the possibility that someone within the company is likely involved with the hack. In fact, Noel Biderman, chief executive of Avid Life Media, told Krebs that the hacker, “was definitely a person here that was not an employee but certainly had touched our technical services,” according to The New York Times.
American copyright law does allow for Ashley Madison to scrub the private user information that was leaked in the breach and posted elsewhere; Avid Media indicated that it was doing just that. According to Paul Ferguson, senior adviser for Trend Micro, a security software provider, information on Ashley Madison that was deleted in one online forum is now appearing on others. He told The New York Times, “Once something is published on the Internet, it’s there forever.”
At first, Impact Team released some information online; however, what was released did not represent the bulk of what was collected. “We immediately launched a thorough investigation … utilizing leading forensics experts and other security professionals to determine the origin, nature, and scope of this incident,” Avid Life Media responded.
According to Sophos Ltd., when the hackers first accessed the Ashley Madison data, they threatened to make a large-scale dump of the user data. They followed with a 10GB release of user data. Krebs has confirmed that at least some of these originally released records are valid. The hackers then published an additional 20GB of alleged user data.
The hacker group is now demanding money, according to Krebs, who published a confirmed example of one of these extortion demands as a warning to users who may be targeted. Sophos Ltd. described the single example as, “something of a drop in the ocean.”
Krebs says he learned of the scale of the extortion scheme when representatives from an email filtering company contacted him to say that, for its part, the company was taking steps to block outgoing extortion attempts from any “rogue users” of its service. The extortionist attempt Krebs highlighted relies on the Ashley Madison data posted that has already been dumped and states that he will not contact the victim’s spouse if the user sends money in the form of Bitcoins in the amount of BTC1.00000001, which is a little under $200 U.S. dollars. The one-hundred-millionth of a Bitcoin, which is known as a satoshi—Satoshi Nakamoto is the inventor of the Bitcoin system—, represents the smallest fraction of a Bitcoin that may be traded, Sophos Ltd. explained.
The extortion email reads:
Following the threats of the release of Ashley Madison user data making headlines, reports of two suicides allegedly tied to the Ashley Madison data breach were received. Toronto Police official, Bryce Evans, announced at a press conference on August 24, 2015 that the Toronto police are leading the international investigation into the Ashley Madison suicides, but would not say where the suicides took place. Evans did state that the reports are under investigation, according to BNO News. “The ripple-effect of the Impact Team’s actions has, and will continue to, have a long-term social and economic impact, and they have already sparked spin-offs of crimes and further victimization,” he said.
According to the BBC, acting staff superintendent Evans, addressing his comments to the Impact Team hackers said, “I want to make it very clear to you your actions are illegal and we will not be tolerating them. This is your wake-up call.” He also stated, according to BNO News, that, “We’re talking about families. We’re talking about their children, we’re talking about their wives, we’re talking about their male partners….. That’s gonna have impacts on their lives. We now have hate crimes that are the result of this. There are so many things that are happening. So the reality is, we’re saying to you at the end of the day, this is not the fun and games that’s been portrayed a lot in different media outlets live radio stations. This isn’t fun and games anymore. This is reality, it’s affecting all of us.”
Since news of the Ashley Madison hack in June 2015, at least eight Ashley Madison users nationwide have filed lawsuits, according to Sky News. The users involved—from California, Texas, Missouri, Georgia, Tennessee, and Minnesota—seek class action status. The lawsuits seek unspecified damages, claim negligence, breach of contract, and privacy violations; the users also allege that Ashley Madison neglected to take reasonable steps to protect their security, including those users who paid a special fee to ensure their information would be deleted.
Users of the Ashley Madison website have expressed significant concern over, not only potential identity theft, but also regarding the resulting shame that release of intimate sexual preferences and activities may cause. In some case, site registration, with no resultant affair, occurred and may also put marriages in jeopardy.
The personal injury attorneys at Parker Waichman LLP offer free, no-obligation case evaluations. For more information, fill out our online contact form or call 1-800-YOURLAWYER (1-800-968-7529).