Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Privacy Crime Security

Ashley Madison Hack Claims First Victims 706

wired_parrot writes: Toronto police are reporting that 2 unconfirmed suicides have been linked to the data breach. This follows pleas from other users of the site for the hackers to not release the data before it was exposed- an anonymous gay Reddit user from Saudi Arabia, where homosexuality is illegal, pleaded for the data to be kept private: "I am about to be killed, tortured, or exiled," he wrote. "And I did nothing." And when The Intercept published a piece condemning the puritanical glee over the data dump, one user who commented on the article said she's been "a long term member" of the site because her spouse's medical condition has affected their intimate life. Her spouse knows she's engaged with other Ashley Madison members, she says, but now fears she will likely lose friends and have to find a new job now that her association with the site is out there. Ashley Madison has now offered a $380,000 reward for information that leads to the arrest and conviction of the hackers who leaked the data. Security researcher Troy Hunt has also posted about the kind of emails he's received from users after the data leak.
This discussion has been archived. No new comments can be posted.

Ashley Madison Hack Claims First Victims

Comments Filter:
  • by Bruce66423 ( 1678196 ) on Monday August 24, 2015 @11:32AM (#50380875)
    This should create the head of steam required to get some legislation passed to make companies and specific executives SUFFER if they screw up their data security. Ultimately that means if an executive is advised that a system is insecure, fails to act and it gets hacked, the executive needs to personally liable, with a small taste of prison. It happening once is all that is required....
    • by Opportunist ( 166417 ) on Monday August 24, 2015 @11:45AM (#50381007)

      Rest assured that the new legislation will make hacking a crime worthy of being hung, drawn and quartered while at the same time not changing anything about how corporations have to secure data, or even (god forbid!) be punished for having sloppy security.

      • by gstoddart ( 321705 ) on Monday August 24, 2015 @11:57AM (#50381161) Homepage

        And, of course, don't forget carving out huge exemptions for copyright holders aggressively being assholes^Wdilligent ... there will be one of those.

        And one for law enforcement, because hacking is OK if you're law enforcement.

        And to protect the children. You can do anything if you're protecting children.

        And national security, even if it is unrelated to national security. You know, that way the Stingray devices are still OK.

        By the time all of those exemptions get made, it will boil down to "it shall be illegal for any private citizen to exploit the security holes we have ensured are in place", and will be utterly meaningless.

        But, nosirree, we can't risk impacting quarterly profits and executive bonuses by ensuring corporations have legal responsibility to safeguard data. That would be like Communism.

      • by DarkOx ( 621550 ) on Monday August 24, 2015 @12:13PM (#50381337) Journal

        not changing anything about how corporations have to secure data, or even (god forbid!) be punished for having sloppy security.

        And why should it? For the sake of argument do you think the government should tell you that you MUST install a home security system, have dead bolts on every exterior door, require exterior doors be steel or solid wood, limit the side of windows to no more than 1" by 1" or require bars? If you violate any of these rules on your structure fine or punish you? Should we lighten up the sentences for "breaking and entering" or even burglary?

        Personally I think with certain exceptions like public Utilities etc that already enjoy a special relationship with government and a captive market, that companies ought to be allowed to have whatever security posture they like. They should simply have to be honest about it with consumers. Government ought to do one of the few things its Constitutionally supposed to do and set some standards of measure.

        Develop some NIST definitions for overall information security postures. If companies then want to claim they have a 'Double plus good can't hack me bro' rating there is a way to prove that. Then if one of these breaches happens and its done in a way that should not have been possible while in compliance like 'plain text data on laptop found on bus' we would all be able to go after them for contract fraud or false advertising etc.

        Additionally we should have some disclosure laws, just like food labels there need to be some standardized categories and forms companies that maintain any information that is personally identifiable other than firstname, lastname, current address, billing address, and primary phone number, should be required to disclose that on a standardized and both electronically readable and human readable format. Maybe a nice TML or INI like file.

        • Re: (Score:3, Insightful)

          If you store other peoples' shit in your home for money, damn right you are responsible for its security. Nobody cares if your own stuff gets stolen.

          • by TechyImmigrant ( 175943 ) on Monday August 24, 2015 @01:24PM (#50382121) Homepage Journal

            If you store other peoples' shit in your home for money, damn right you are responsible for its security. Nobody cares if your own stuff gets stolen.

            My wife has a yarn store and import/distribution business for fancy schmancy yarns. We have customer data, not by choice, customers demand it for their convenience. I happen to be a security/crypto type engineer. So we worked out what the plan was based on the notion that a yarn store is helpless in the face of electronic warfare.

            1) Outsource anything touching PCI-DSS. The payment card machine doesn't attach to the computer. The online payments are through a service that handles the card data on their servers while appearing to be on our web site and PCI-DSS compliance is part of their service. PCI-DSS sucks (I've read the specs - It's not pretty). But it's what we have. So pay someone else to hold the responsibility who on the surface may be better positioned that a yarn store to handle such data.

            2) Don't keep customer credit card data on a computer. Use other means.

            In general, there's nothing anyone can do who isn't deeply involved in computer security and cryptography, which on average is everyone. Those few who are involved in the intersection of retail and computer security are disempowered by the payment card companies who dictate terms, avoid liability and push absolutely useless security standards on the rest of us.

        • by Steve B ( 42864 ) on Monday August 24, 2015 @12:59PM (#50381839)

          And why should it? For the sake of argument do you think the government should tell you that you MUST install a home security system, have dead bolts on every exterior door, require exterior doors be steel or solid wood, limit the side of windows to no more than 1" by 1" or require bars?

          If you're in business and promising your customers that you're keeping their stuff secure, well, yeah, there should be legal penalties for not meeting some standards of due diligence (admittedly, there's quite a bit of wiggle room as to where those standards should be set).

        • by s.petry ( 762400 ) on Monday August 24, 2015 @01:07PM (#50381925)

          Your own Apples to other people's Orangutans comparison.

          The Government requires you to have vehicle insurance because you impact other people if you wreck on a road. Banks are required to have insurance protecting a specific percentage of deposited wealth. You will go to jail if you kill someone while driving even if it was on accident if you don't have insurance. Banks have had people go to jail when they lied about or have not met obligations required by law. Why should a business be treated differently exactly? No reason, except that we lack enforceable regulation.

        • Well a couple of good places to start for standards in this area would first be the NERC CIP standard [nerc.com] and once you have got that down then proceed to the Cybersec Procurement Language for Energy Delivery Systems [energy.gov] (warning PDF) for a set of industry best practices that are highly encouraged to be in vendor contracts. While they are written for energy management systems the ideas and regulations should mostly be applicable to all other systems that need computer security as well.
    • by swb ( 14022 ) on Monday August 24, 2015 @11:55AM (#50381123)

      As much as I'd like to drag all the cheap-ass executives who shortchange IT security and reliability with an eye on promotion and their own bonuses into the street and have them tarred and feathered, I can only imagine that such a regulation would have loopholes a mile wide.

      What makes a system insecure? The system integration/networking? The software, especially third party software with its disclaimers about "no liability for implied merchantability and fitness for a particular purpose"?

      Who judges a system as secure/insecure? If I get a third party to sign off on it, are the execs then immune? How long does a system retain its status as officially secure? Can you patch it with new patches, which theoretically could introduce their own flaws?

      How about unknown zero-days? You could judge a system as secure and then a new zero-day appears in some critical security juncture that renders it insecure. Worse yet, what about unknown exploits used for which there are no patches?

      To me it smells like Sarbanes-Oxley all over again.

      • What makes a system insecure?

        the fact that it's been broken into

        Who judges a system as secure/insecure?

        maybe it could be the people whose credit card info has been stolen

        How about unknown zero-days?

        Why not make it really simple? If your system gets broken into, it's your fault. This same logic is very successful in many other such situations. The threat of punishment is enough all by itself to keep bad actors in line. You don't need to construct more government apparatus to oversee them.

    • Legislation is useless because no one bothers to prosecute these crimes unless it's easy. Oh, and we don't need legislation because we already have it, which is why I can say with authority it's useless...

    • by epiphani ( 254981 ) <epiphani@dal . n et> on Monday August 24, 2015 @12:02PM (#50381215)

      This is a bit like saying you're going to send someone to jail for getting rear-ended waiting at a traffic light.

      I totally agree, data security is a big deal - but I think "gross negligence" probably covers the fact that someone did not put proper security in place. Beyond that, it's an arms race. You can't hold someone responsible for being hacked, unless they've demonstrated that they didn't even try to avoid it. Reasonable preventative measures.

      The same reason you can't claim insurance when you don't have any locks on your house. But if they really want to, that moat and electric fence won't stop someone from breaking into your house.

      • by FranTaylor ( 164577 ) on Monday August 24, 2015 @01:12PM (#50381979)

        You can't hold someone responsible for being hacked, unless they've demonstrated that they didn't even try to avoid it.

        Sure you can, this is why we have insurance. If I put stuff in a storage unit and it gets broken into, it's the storage unit's fault. Period. They will have to pay me. It matters not if they tried to keep out the burglars or not. They will get paid by their insurance company but it is most certainly their fault that my stuff got stolen.

    • by Intrepid imaginaut ( 1970940 ) on Monday August 24, 2015 @12:05PM (#50381255)

      Yeah I could row in behind this. We need governments in particular but also corporations to enshrine peoples' right to privacy in hard legislation. The net is turning into a sick dystopian version of its original golden promise.

    • Re: (Score:2, Interesting)

      by BitZtream ( 692029 )

      Considering that Ashley Madison as a whole is illegal in most jurisdictions I would be really surprised if those laws had no effect.

      In NC, USA, the Ashley Madison website is in direct violation of several marriage statutes, namly around willful alienation of affection, which is punishable with jail time.

      Affairs are probably illegal in most states in the U.S. If not all. Facilitating criminal conduct intentionally IS a crime in every state in the U.S.

      • by HornWumpus ( 783565 ) on Monday August 24, 2015 @01:04PM (#50381885)

        Eating pussy is also illegal in NC. Who cares?

      • by cellocgw ( 617879 ) <cellocgw&gmail,com> on Monday August 24, 2015 @01:10PM (#50381957) Journal

        And that is the root cause of this whole situation. We need to find a way to change the overall mindset (especially in these here Unitee States) towards other people's personal sexual congresses. Not only should it be nobody else's business, but nobody should even **care** what some person they're neither related to nor dating is doing.

        If someone's cheating on a spouse (and the spouse does not approve of extramarital sex), the spouse will likely find out one way or another at some point. What happens to the couple is up to them. But what your employees, or Congressional reps, or sports/music/theatre idols do in their personal lives including sex, just plain shouldn't matter.

      • by reve_etrange ( 2377702 ) on Monday August 24, 2015 @01:15PM (#50382005)

        alienation of affection, which is punishable with jail time.

        Bullshit. Even in NC, alienation of affection [wikipedia.org] is a civil matter.

        Affairs are probably illegal in most states in the U.S. If not all.

        Also bullshit. Just a few states still have these laws on the books.

        Furthermore, such laws are plainly totalitarian, they misplace responsibility, they view a marriage as little more than a property deed, and they elevate particular religions to sources of law. No small government conservative, nor any other supporter of a free society, could possibly support such a law. The only reason they haven't been declared unconstitutional is that no relevant case has yet reached the Supreme Court.

        One NC attorney, quoted in the Wiki, says it quite well:

        One North Carolina divorce attorney has written: "Adultery is not uncommon, but an alienation-of-affection case just polarizes everyone and devastates everything in its path including the children and both spouses....The world has changed. Women are no longer viewed as property. Alienation-of-affection is something that dates way, way back, and if there was ever a law that needed to be removed, this is it."

    • by MikeMo ( 521697 )
      All of this seems to presume that a site CAN be made 100% hacker-proof. I don't think that is likely.

      This position reminds me a lot of the folks that want to sue gun companies when someone commits a murder with a gun. The people who released this data have the blood of the two (so far) victims on their hands - they're at least partly resonsible for their deaths.
  • That's an oddly specific reward. They really couldn't spring for $400,000?
    • Re:Oddly specific (Score:5, Informative)

      by OverlordQ ( 264228 ) on Monday August 24, 2015 @11:35AM (#50380905) Journal

      It is, it's a 500k CAD reward, which translates to ~380k USD.

      • Re:Oddly specific (Score:4, Interesting)

        by AmiMoJo ( 196126 ) on Monday August 24, 2015 @11:51AM (#50381093) Homepage Journal

        Seems ridiculously low. They have already been sued for over half a billion CAD. This is likely to end their business. Is that really all they can afford or are willing to pay?

        Shows how much they care about their users. Presumably they are hoping to get someone to grass on the cheap, and only ramp it up later if no-one comes forward. Even more alarming, it suggests that they have no idea who it is and their security is so poor they have nothing to go on.

        • Seems ridiculously low. They have already been sued for over half a billion CAD. This is likely to end their business. Is that really all they can afford or are willing to pay?

          Shows how much they care about their users. Presumably they are hoping to get someone to grass on the cheap, and only ramp it up later if no-one comes forward. Even more alarming, it suggests that they have no idea who it is and their security is so poor they have nothing to go on.

          I'd say how much they cared about their users was shown much earlier--or has the claims about them not deleting information they demanded money to delete not been verified yet? If it has, they're probably going to be gotten for fraud.

    • by invid ( 163714 )

      That's an oddly specific reward. They really couldn't spring for $400,000?

      Convert it to Canadian dollars.

  • by Anonymous Coward on Monday August 24, 2015 @11:35AM (#50380911)

    "I am about to be killed, tortured, or exiled," he wrote. "And I did nothing."

    No, what you did was expose yourself using social media to an authoritarian, abusive government. Realize that or do not.

    • by Opportunist ( 166417 ) on Monday August 24, 2015 @11:48AM (#50381045)

      So the message is "shut up and live a lie in your repressive regime"?

      Be careful what you wish for. You might have to do it soon.

    • That's BS. You could make that argument about anything that would get him caught. The website did not willing give up the account information- it was stolen.

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      "I am about to be killed, tortured, or exiled," he wrote. "And I did nothing."

      No, what you did was expose yourself using social media to an authoritarian, abusive government. Realize that or do not.

      Don't worry. If he took realistic achievable steps to protect himself, I'm sure a cacophany of narrow-minded Slashdotters -- with no knowledge of history and no understanding of the kind of people who like to run things -- would howl at him for being a tin-foil hatter.

    • by Punto ( 100573 ) <puntob&gmail,com> on Monday August 24, 2015 @12:15PM (#50381361) Homepage

      That's my main problem with this, I get that this data breach is a violation of people's privacy, but if someone is killed for doing nothing, it's the fault of the person who killed them, not some hacker. If we blame the hackers, we're reducing every other participant to some sort of deterministic machine, with no mind of its own. That's not what they are; a killer (a person, or a government) can choose not to kill someone for being gay, and if they choose to kill, it's entirely on their hands, and they are responsible for their actions. They don't get to claim that some hacker fed them information and they somehow completely lost control of themselves.

    • "And I did nothing

      That is the problem, right there. You're expecting different results by doing nothing.

  • by jeffb (2.718) ( 1189693 ) on Monday August 24, 2015 @11:36AM (#50380915)

    When you define any extramarital intimacy as "cheating", you've already cut off the debate paths that the victims from the summary illustrate. Not, mind you, that AM's marketing did much to discourage that definition.

    But, hey, enjoy your puritanical two-minute hate, and don't worry about collateral damage.

    (Posting as AC, even though I've never gone near the site, because I'm stuck with this country's puritanical environment and the consequences it imposes for even talking about ethical decisions that don't fit the standard mold. And, yeah, I guess I'm a bit of a coward.)

    • This is slashdot. We will lynch you for saying you were, but forgetting to post as AC, and not care about your ethics. You must be new here.

      • This is slashdot. We will lynch you for saying you were, but forgetting to post as AC, and not care about your ethics. You must be new here.

        Hey now, I haven't made that mistake in a long time. And even when I did, I didn't brag about posting AC but forgetting to check the stupid box.

    • by njnnja ( 2833511 )

      this country's puritanical environment

      Yeah, people in Canada and Saudi Arabia are so judgmental. I'm glad I live in the US where we can have these discussions!

    • by Yunzil ( 181064 )

      When you define any extramarital intimacy as "cheating"

      "This isn't a spade. It's a hand-held dirt shifting implement."

    • by XxtraLarGe ( 551297 ) on Monday August 24, 2015 @12:05PM (#50381251) Journal

      (Posting as AC, even though I've never gone near the site, because I'm stuck with this country's puritanical environment and the consequences it imposes for even talking about ethical decisions that don't fit the standard mold. And, yeah, I guess I'm a bit of a coward.)

      Replying as AC, to tell you that you forgot to mark the "Post Anonymously" checkbox, even though I've never posted AC before, because I'm stuck with this site's puritanical environment and the consequences it imposes for even talking about posting as AC and not using the preview button.

      • by sinij ( 911942 )
        To continue the trend of posting as AC, I didn't find this site approach to posting as AC puritanical. Additionally, I personally browse at 0 and read (and mod up) AC comments.
    • Cheating is a lot more common than many realise [washingtonpost.com]. Maybe it's about time to open up the conversation on why we find one physical activity with another person to be taboo, but not another (like say tennis).

      In a 1991 study, sex researcher Shere Hite found that 70 percent of married women have cheated on their partners; a 1993 follow-up study found that 72 percent of married men have as well. According to a 2004 University of Chicago study, 25 percent of married men have had at least one extramarital affair.

      • by FranTaylor ( 164577 ) on Monday August 24, 2015 @12:17PM (#50381381)

        Here let me fix that for you:

        In a 1991 study, sex researcher Shere Hite found that 70 percent of married women WHO RESPONDED TO THE SURVEY have cheated on their partners; a 1993 follow-up study found that 72 percent of married men have as well. According to a 2004 University of Chicago study, 25 percent of married men WHO RESPONDED TO THE SURVEY have had at least one extramarital affair.

        just remember that most people hang up the phone when it's a survey, those who bother to answer are usually pretty biased one way or the other

        • Maybe so, but if that's the case then we may as well throw out phone surveys as a valid method of research entirely, and I don't think anyone's suggesting that.

          • Maybe so, but if that's the case then we may as well throw out phone surveys as a valid method of research entirely, and I don't think anyone's suggesting that.

            really?

            http://www.people-press.org/2012/05/15/assessing-the-representativeness-of-public-opinion-surveys/

            It has become increasingly difficult to contact potential respondents and to persuade them to participate. The percentage of households in a sample that are successfully interviewed – the response rate – has fallen dramatically. At Pew Research, the response rate of a typical telephone survey was 36% in 1997 and is just 9% today.

            https://www.fhwa.dot.gov/ohim/hang_ups.htm

            This very low response rate prompted a hard look at where we lost potential respondents in the survey process.

            • Okay well again that's one perspective. The point I'm making is that I see no reason why we should attach special emotional value to sex in this age of contraceptives. I mean I can be friends with whoever but stick a dick into the mix and suddenly there's this whole cultural framework that swings into action, expectations and semi-elaborated rituals.

              Maybe we all need to grow up and act like adults.

    • country's puritanical environment and the consequences it imposes for even talking about ethical decisions that don't fit the standard mold

      1) If your spouse says you can have an affair (in general) you're okay, not subject to this problem
      2) If your spouse says you cannot have an affair, or else you're in trouble, you're in trouble, and not subject to this problem

      The problem is, you've ascribed to society social norms things that are social norms. If you don't want social norms to be social norms, then please be kind to your worker when he shows up in a furry outfit, in an open expression of furry love.

      In other words, social norms allow for nom

  • by Wattos ( 2268108 ) on Monday August 24, 2015 @11:41AM (#50380965)

    While I believe that there might be some people who had no "morally" dubious intents, I fail to see why anyone with a traditional moral compass would sign up for this website.

    Even if you are not married and simply looking for a one nighter, you are still signing up to site where married people are looking for an affair. It is right on their main landing page: "Life is too short, Have an affair". While it sucks for them, I feel it difficult to feel pity for them when signing up to a website which main intend is to make is to make it easy for people to cheat.

    The other people could have simply signed up for a different website where the main intent is not cheating. It seems there would be plenty, and none of them are getting hacked

    • While I believe that there might be some people who had no "morally" dubious intents, I fail to see why anyone with a traditional moral compass would sign up for this website

      Exactly, this is like calling on terrorists to clean out the vermin in your attic and then wondering why the authorities are so upset with you.

    • by amicusNYCL ( 1538833 ) on Monday August 24, 2015 @12:37PM (#50381619)

      I fail to see why anyone with a traditional moral compass would sign up for this website.

      A single person looking to meet whoever they can, maybe they're only in town for a few nights and don't expect any interaction after that.

      Ooooh, wait, I see what you did there. "A traditional moral compass", as in your moral compass. "Why would anyone who's great like me do this?" Yeah, ok champ, why indeed?

      • Uh, nope, sorry. The site advertises itself as a place for people wanting to cheat on their spouses to do so. The moral compass being touted here is the moral compass of millions of people who do not do such things. This has nothing to do with a single person looking for a fling.

        Those worried about being exposed, frankly, should be. Data security arguments aside.
      • Yes, so they're looking to have sex with a married person, without the knowledge or consent of the married person's spouse. This was not a website for swingers, who know what their partners are up to, and are usually participating at the same time.

        Screwing someone else's spouse behind their back is necessarily deceitful.

  • by barc0001 ( 173002 ) on Monday August 24, 2015 @11:42AM (#50380983)

    " one user who commented on the article said she's been "a long term member" of the site because her spouse's medical condition has affected their intimate life. Her spouse knows she's engaged with other Ashley Madison members, she says, but now fears she will likely lose friends and have to find a new job now that her association with the site is out there."

    At the end of the day these people signed up for a site whose primary market is marital infidelity. I feel a bit sorry for the woman referenced above, but I also have to wonder if the partners of the people she's "engaged with" on AM were as accepting as her husband was. I kind of doubt it.

    There are a lot of other sites out there that don't specifically target cheating that she could have used instead. By choosing to have her hookups through that site she was pretty much guaranteeing that she was actively screwing around with someone else's relationship.

  • It would be hard to collect the reward when they're bankrupt.

  • by Spy Handler ( 822350 ) on Monday August 24, 2015 @11:48AM (#50381029) Homepage Journal

    People paid him to have their personal info deleted. He took their money but did not delete anything. Put him in prison for fraud.

  • Comment removed (Score:5, Interesting)

    by account_deleted ( 4530225 ) on Monday August 24, 2015 @11:51AM (#50381083)
    Comment removed based on user account deletion
    • by m00sh ( 2538182 )

      Toronto police are reporting that 2 unconfirmed suicides have been linked to the data breach.

      so, basically corollary conjecture pertaining to sets of potential outcomes of a data breech. Dont get me wrong, as a homosexual I'm not at all condoning the death of a person for their sexuality. I think puritanical elation is at best inappropriate as a response to the incident. But frankly Ashley Madisons catchphrase was 'lifes short, have an affair.' As a saudi national, someone is unfortunately about to find out exactly how short that life can really be. Standard issue infidelity aside there are numerous gay dating sites you could have chosen. numerous potential outlets for gay, straight, questioning, bisexual, whatever your heart desires. But selecting Ashley Madison shows a puerile approach to interpersonal relationship as well as sexual orientation in general. Homosexuality is not the same as a casual extramarital affair.

      When I first came across the ad of the website (when they were in their blanket advertising phase), the slogan stuck me as clever and humorous. It never stuck me as foul or evil.

      However, their main logo has a woman with a finger on her lips, evoking discretion. Perhaps people signed up with this website because it feels so hush hush and secretive, exactly what a Saudi gay man would want.

      But, I don't know how they got millions of people to sign up for the website. It shows up next to foot-long penis ads

  • by tekrat ( 242117 ) on Monday August 24, 2015 @11:57AM (#50381159) Homepage Journal

    When he was CEO of SUN, Scott was once quoted as saying "You already have no privacy. Get over it."

  • by grasshoppa ( 657393 ) on Monday August 24, 2015 @11:59AM (#50381185) Homepage

    Forgive me for being the odd duck out here, but what ever happened to "Personal Responsibility"? I, too, think it's wrong for the hackers to release that information. It sounds like a despicable act of misguided morality to me, but that's irrelevant.

    These people took their own lives, the external stressers don't really matter; they CHOSE to commit suicide. Maybe if signing up and using that site was such an emotional risk for them, they shouldn't have done it?

  • And when The Intercept published a piece condemning the puritanical glee over the data dump...

    It's not puritanical to value honesty. I have plenty of polyamorous friends who have multiple partners, but even in that scenario it is still important to be honest with the people you are intimate with.

    Yes it's bad that a few "innocent" people are being caught up in this, but the site is *for* being dishonest with your partner(s).

  • by Sir_Eptishous ( 873977 ) on Monday August 24, 2015 @12:07PM (#50381271)
    I have put some things online that could be embarrassing. Nothing really earthshattering, nothing I could lose a job over. Back when the "anonymous" nature of the web first started, I was always wary. Maybe not as smart as I should have been, but smart enough. Accounts, posts, passwords, etc. These things are all ephemeral and all can be compromised. I always understood that.

    The real question here is why people continue to think of the internet, "the web", and the myriad of online services as secure. I'm not apologizing for what those who have compromised these accounts have done, but really, at this point everyone should know nothing that is done online is secure. There have been too many compromises.

    Who has inspired this trust?

    Why do millions continue to put faith in something that proves over and over again to be untrustworthy?

    That is the real question.
  • by WD ( 96061 ) on Monday August 24, 2015 @01:42PM (#50382319)

    Yes, this is quite unfortunate. However: given a random selection of 30 million individuals, at what rate would suicides be observed? Make sure you know the answer to this question before jumping to conclusions.

    • by jolyonr ( 560227 )

      I did some basic stats on this.

      There are in Canada about 11 suicides per 100,000 people per year. The Ashley Madison list contains 33 million names. So, on an average year with 33 million random people there are over 3,600 suicides, equating to 10 per day (based on Canadian stats)

      So these 2 are well within normal expected rates of suicide for this size of a group. Unless I've bollocked up my stats somewhere in which case please tell me.

  • by Cito ( 1725214 ) on Monday August 24, 2015 @02:30PM (#50382727)

    Ashley Madison Data Dump
    http://themobilebay.org/torren... [themobilebay.org]

    Don't expect to betray spouses and remain anonymous

  • by erp_consultant ( 2614861 ) on Monday August 24, 2015 @04:19PM (#50383573)

    Social media is for fools. It's not just Ashley Madison. It's Facebook too. It is just amazing to me how people will pony up so much personal information and entrust other people to "manage" it.

    How long is it going to be before someone hacks into Facebook and steals millions of user account details? Email addresses, phone numbers (in some cases), family photos, where you work (in some cases), all your friends (in some cases), you name it.

    Buyer beware.

Genius is ten percent inspiration and fifty percent capital gains.

Working...