{"id":181,"date":"2024-06-12T12:06:10","date_gmt":"2024-06-12T12:06:10","guid":{"rendered":"https:\/\/absolutelynothing.io\/?p=181"},"modified":"2024-06-19T20:39:05","modified_gmt":"2024-06-19T20:39:05","slug":"what-do-cheating-ashley-madison-data-privacy-have-in-common","status":"publish","type":"post","link":"https:\/\/absolutelynothing.io\/?p=181","title":{"rendered":"What do Cheating, Ashley Madison, & Data Privacy Have in Common?"},"content":{"rendered":"\n

Diane here, COO and the least technical member of our group! I\u2019ll occasionally take control of our blog to give y\u2019all a break from hearing from Kyle. My posts will focus more on things happening in mainstream media or whatever I find interesting, relevant, or scandalous. Enjoy! <\/em>\ud83d\udda4<\/p>\n\n\n\n

\n\n\n\n

Do you have Netflix? If so, you might have seen their Ashley Madison: Sex, Lies & Scandal<\/em><\/a> docuseries in the trending content recently. Since I\u2019m the COO of a data privacy awareness, education, and advocacy company, I obviously watched the entire series over 24 hours\u2026for research purposes. \ud83d\udcdd\u00a0\ud83d\udd0d<\/p>\n\n\n\n

If you don\u2019t want any spoilers, I would suggest pausing here until you\u2019ve watched the series. \ud83d\uded1<\/p>\n\n\n\n

\"\"
https:\/\/www.theverge.com\/2015\/8\/19\/9179037\/ashley-madison-data-hack-name-address-phone-birthday<\/a><\/figcaption><\/figure>\n\n\n\n

If you would rather not spend roughly 3 hours, below is a quick explainer (you\u2019re welcome).<\/p>\n\n\n\n

Ashley Madison, launched in 2002, is a Canadian online dating website for people looking to hook up outside of their marriage\/current relationship. Their slogan is \u201cLife is short. Have an Affair.\u201d<\/p>\n\n\n\n

Due to the nature of their services, one can assume<\/strong><\/em> they took the privacy of their users pretty seriously. Their website had all sort of \u201cmedals\u201d, \u201cawards\u201d, and other accolades for their data security policies and procedures. We come to find out these \u201cmedals\u201d and \u201cawards\u201d were fabricated and created by some employee using a design editor. (I could have made better graphics and I\u2019m far from being a graphic designer.)<\/em><\/p>\n\n\n\n

In fact, Ashley Madison had no data security policies or procedures in place. \ud83e\udd2f<\/p>\n\n\n\n

At this point you are probably thinking, \u201cOh that\u2019s bad. They probably had all sorts of data on people.\u201d And you would be right. Ashley Madison had databases of names, ages, billing addresses, birthdays, locations, gender, sexual orientation, photos (including some nudes), kinks, and sexual likes and dislikes\u2026 The Verge has an even more extensive list.<\/a><\/p>\n\n\n\n

Scary, right? Just wait, it goes even further\u2026<\/p>\n\n\n\n

Ashley Madison offered the ability to \u201cdelete your data\u201d when you closed your account. That\u2019s right, reader, for the low price of $19 you could have Ashley Madison wipe your data from their servers! It would be like you never signed up in the first place. Poof, it\u2019s gone. Sounds to good to be true, right? Well, that\u2019s because it was. Ashley Madison just took the money and never deleted the data.<\/p>\n\n\n\n

So now we know they didn\u2019t have any data security in place and they retained all the data they collected on anyone who created an account at any point in time. Sounds like a hacker\u2019s dream\u2026and in 2015 that dream became a reality.<\/p>\n\n\n\n

In July 2015, an anonymous group called \u201cThe Impact Team\u201d hacked Ashley Madison. The group said if Ashley Madison didn\u2019t shut down by a certain date, they would leak data. As you can imagine, since I\u2019m writing this post, their demands weren\u2019t met and The Impact Team leaked user data. They also went on to leak more information including company records, floor plans, and the CEO\u2019s company and personal email inboxes. Between the two leaks, about 29GB (gigabytes)* of data including \u201cover 36 million Ashley Madison accounts and 9 million individual credit card transactions\u201d<\/a> was dumped for anyone and everyone to see. (The Verge<\/a> & Tripwire<\/a>)<\/p>\n\n\n\n

\ud83d\udca1 For reference for the non-tech folks out there: The average size of an ebook that you would download to your Kindle or other eReader is about 2.6MB (megabytes)<\/a>. There are 1024 megabytes in 1 gigabyte. So think of it as a little over 11,153 ebooks worth of data being leaked. That\u2019s a lot<\/strong> of data. \ud83d\udca1\u00a0<\/em><\/pre>\n\n\n\n
The docuseries goes on to explain how these two leaks ruined people\u2019s lives. All those data points I mentioned above are now on the internet for anyone to find. You could (and still can) easily find a website with the leaked information and search someone\u2019s name. There was even an Australian radio show having people call in with names and they would share the search results live on air. Marriages and relationships were tested and, sadly, some lives were lost because of the ramifications of this hack.<\/p>\n\n\n\n
I blame two entities for the nightmare and trauma this caused so many people: Ashley Madison and The Impact Team.<\/p>\n\n\n\n
A class action lawsuit<\/a> was brought against Ashley Madison and its parent company, Avid Life Media Inc (now Ruby Corp) and was ultimately settled with Ruby Corp admitting no wrongdoing and agreeing to pay roughly $11.2 million to users impacted by the data breach.<\/p>\n\n\n\n
Ashley Madison still exists and, according to a self-report in 2020<\/a>, has 70 million members.<\/p>\n\n\n\n
\n\n\n\n
This is a very unfortunate case study about why it\u2019s so<\/strong> important to understand what data points companies are collecting from us when we use their services. Here at AbsolutelyNothing, our goal is to help you be an informed digital citizen \ud83e\uddd1\ud83c\udffb\u200d\ud83d\udcbb and the tools our developers are currently hard at work building \ud83d\udc77\ud83c\udffc\u200d\u2642\ufe0f (because I help to keep them on task<\/em>) will help you<\/strong> better understand (1) why companies want certain data about you and (2) how you can take control of your data. \ud83d\udcaa\ud83c\udffb<\/p>\n\n\n\n
Until next time,<\/p>\n\n\n\n
Diane<\/p>\n","protected":false},"excerpt":{"rendered":"
Diane here, COO and the least technical member of our group! I\u2019ll occasionally take control of our blog to give y\u2019all a break from hearing from Kyle. My posts will focus more on things happening in mainstream media or whatever I find interesting, relevant, or scandalous. Enjoy! \ud83d\udda4 Do you have Netflix? If so, you […]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[21],"class_list":["post-181","post","type-post","status-publish","format-standard","hentry","category-uncategorized","tag-june-2024"],"_links":{"self":[{"href":"https:\/\/absolutelynothing.io\/index.php?rest_route=\/wp\/v2\/posts\/181","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/absolutelynothing.io\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/absolutelynothing.io\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/absolutelynothing.io\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/absolutelynothing.io\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=181"}],"version-history":[{"count":5,"href":"https:\/\/absolutelynothing.io\/index.php?rest_route=\/wp\/v2\/posts\/181\/revisions"}],"predecessor-version":[{"id":187,"href":"https:\/\/absolutelynothing.io\/index.php?rest_route=\/wp\/v2\/posts\/181\/revisions\/187"}],"wp:attachment":[{"href":"https:\/\/absolutelynothing.io\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=181"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/absolutelynothing.io\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=181"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/absolutelynothing.io\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=181"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}