The Awesomeness of The Ashley Madison Hack
Cant seem to get enough of this true life Mr. Robot story. A group of vigilante hackers, referring to themselves as The Impact Team hacked the marital cheating site Ashley Madison, whose slogan is “Life Is Short, Have An Affair”. The hackers threatened to release 30 million user records if they did not shut down the site claiming AM takes advantage of others loss. I don’t know where to begin with the awesomeness of this story. Here are some of the more colorful aspects of this story.
- They alerted all employees first by taking over their network so when they signed onto their computers in the morning users saw the image above, with AC/DC’s Thunderstruck playing.
- The smug CTO who often boasted about their data security. (reminds me of the HITEC Hall of Famers).
- At one point they used a password = Pass1234 to gain VPN access to the root directory of all servers. VPN?! Really? Didn’t we learn enough about VPN security when TJ Maxx was hacked .. oh in 2008?!
- They were in monitoring their systems for many months without being detected.
- They asked company to shut down or they will release 30 million user records – which they did.
- They found that 90% of the user records were men, and another large portion were fake female profiles.
- They found emails suggesting that Ashley Madison hacked competitor databases in 2012.
- Many .gov email addresses found in user profiles.
- More emails from their CEO, Noel Biderman, (who looks like a cheap pimp, but not as classy) about his development of a 100 page movie script about their big success.
- CEO Noel Biderman offers anyone with information leading to the hackers arrest $500k (CAD). Really? That’s the value you put on this hack?
- The Impact Team hackers did an email interview http://motherboard.vice.com/read/ashley-madison-hackers-speak-out-nobody-was-watching
While its certainly not cool to publish people’s personal data, these subscribers should understand their vulnerabilities with a site like this and perhaps understand how the internet works (umm..it’s not really a “cloud”, its a server in a datacenter, connected to the public internet??). What The Impact Team did should be applauded. Its become sickening to watch America’s persona get trashed by scumbags like this taking advantage of people. Its one thing to fill a void, (say for lonely people), but another to not even deliver and be a complete fraud. That’s what great about the Internet. For every evil hacker or annoying software company overcharging us for “licenses”, there are 10 times the amount of Robin Hood hackers and open source programmers to stomp them. Had he launched his business brick & mortar, (which is probably what it should be), he would have been fine, but pissing people off, then leaving the (internet) door trusted to an incompetent CTO was not smart.
Can’t wait for The Impact Team’s second act, they suggest corrupt politicians may be the next target.
A fabulous choice … try to work in some Corrupt Wall Street while you’re in there. It wont be hard to find. It’s typically right next to Corrupt Politician in most database schema.
Thanks For Reading!