If you hadn’t heard of AshleyMadison, the site who’s registered tagline is “Life is short, have an affair.” – well, now you have. The company fell victim to an epic hack that exposed the personal information of all 37.5 million affair seeking members.
Much as been said in the media about how sensitive all of this information is, how terrible the hack is, and how potentially damaging it could be to everyone if the list gets out to the general public.
But I think everyone is missing some of the bigger points. Or perhaps they’re all avoiding the discussion because the executives, journalists and reporters all know THEY are on the list and really just want this thing to go away as fast as possible?
Where’d All These People Come From?
First of all, who knew that this site actually had 37.5 Million members! That number is absolutely staggering. Especially considering there are only about 60 million married couples in the US.
If AshleyMadison members are primarily US based and married, that means there is nearly a 100% chance that if you are married and YOU aren’t on the site, your spouse is.
This raises several questions:
- How many people are going to be actively searching to get their hands on that list?
- How will this impact the Private Investigation business?
- What would you pay to know if your spouse is on the list?
- Will this create a black market for seekers and sellers of this information?
- How many fraudulent sites will pop up offering to sell this data, even if they don’t have it?
- Heck… when will Judges start ordering subpoenas for records from the company in divorce cases?
More importantly, what does it say about society that so many people are looking to cheat?
- Is marriage a broken and outdated institution?
- Is the concept of harmonious perpetual monogamy a lie?
When Does the Blackmailing Begin?
Right about now there are 37.5 million people who are nervous for the wrong reason. Everyone is worried about the release of AshleyMadison’s data, but they aren’t thinking about the alternative.
Getting caught cheating, or attempting to cheat, is one thing. Perhaps being on the list could be explained away as, “…well, I heard about the site and registered just out of sheer morbid curiosity…” or “…ok, I did register. But not to cheat – because I got worried that maybe YOU were cheating and I was just trying to figure out if you were on there…”. I’m sure there are a million excuses.
By the way, how funny would it be if BOTH spouses were secretly on the service? With 37.5 million users it HAS to be the case – a lot!
But what happens when compromising photos show up in your email box along with a ransom demand to pay $1,000 worth of bitcoins to some anonymous person, God knows where?
- What happens when some of these people are rich and famous?
- What happens when 1,000,000 or 10,000,000 people get these demands?
- How many are really going to report the crime and make their sins public?
- How long can it go on?
And frankly, how do we know this whole thing isn’t actually an inside job that was the plan from the very beginning. Think about it, it’s brilliant!
Criminal #1: You know what would be fantastic? If we could find some rich and powerful people who are cheating, and blackmail them for like 20 years!
Criminal #2: Oh man, that would be awesome!Criminal #1: Problem is, it sounds like too much work. First you have to surveil them. Then you have to try and get photos of them in the act. And credit card receipts and names and numbers…
Criminal #2: Yeah, sounds like a lot of work.Criminal #1: WAIT A MINUTE… what if we offered them a service to just cheat as much as they want as long as they give us their names and credit cards and post their own photos of cheating?
Criminal #2: BRILLIANT!
Where’s the Class Action Lawsuit?
At the end of the day, some would argue that AshleyMadison had data that was even more sensitive than banking records. I mean, for God’s sake they were able to charge people $19 just to delete their accounts. That’s nothing less than extortion.
“Oh, you’ve changed your mind and don’t want those naked photos of you on our site along with damning chats and emails? Ok, that’ll be $19 just to let you delete them.”
It’s unheard of, and this must be the only type of site in the world that can get away with that. Since they clearly know the sensitivity of user data – why wasn’t it encrypted?
What we should have been hearing about was a hack that netted the perpetrators nothing more than a bunch of encrypted data, inaccessible to it’s users. This has been the case with other large hacks. But AshleyMadison was apparently storing everything in clear text format. It’s inconceivable. And unforgivable.
But at the end of the day, what did you expect? It’s called “cheating” because it’s not something you’d want to walk around telling strangers that you do. And when you register on a site with a bunch of strangers and tell them what you’re doing… well, they don’t really give a shit about you.
Tom, in his comment above, got the math right. Still that is a staggering number of people looking for some action. My experience, not on their sites, leads me to believe that about half are trolls and fake accounts. I guess the on-line dating and hook-up site is the new trend. It certainly beats trying to pick up chicks at bars. I’m divorced and I’m reluctant to try any of these sites. I suppose I’m just old fashioned.
I am bothered by the fact that a significant number of spouses would consider sneaking behind their partner’s back to get some. There are other ways to deal with the situation. I guess it doesn’t surprise me based on the two decade assault on marriage. There use to be societal reasons behind marriage until the welfare state started rewarding single-parenthood. Now the whole definition of marriage has been decimated, but this subject takes us a different direction.
After having my personal information poached twice in the last couple years by big bureaucracies like Anthem Blue Cross (of which I never had a business relationship so why did your f’ers have my data?) and JP Morgan Chase, I am extremely sensitive about any personal data. I would never divulge my credit card information to a company like AMC unless I knew that they were using a 3rd party processor or had the proper security audits as Laura mentioned. Needless to say that my on-line transactions are limited to only major players or those that use PayPal or Google Wallet. Next, I don’t put any information on-line that I would not share with friends or family. Even if I had nude pictures or was on Ashley Madison, I’d clearly admit it when asked. In this age of Bill Clinton and Anthony Weiner plus sex tapes by Miley Cyrus, Kardashians, and whoever else, “What difference does it make anyway?” to quote a famous incompetent. The bottom line is that caveat emptor still goes in this digital age.
These are people who CLEARLY never went through a PCI audit. I just went through one and had to get a crash course in encryption which has been relatively stable so far. Not one process can see the credit card information except for a single system that authorizes our payments. That means that no customer service rep, no individual, etc. If we get hacked, they can’t see the data because you not only have to be able to decrypt it but you need to be using a high level account to do so. I also wanted to scramble the numbers around to make it even more difficult should that encryption limit fail just by scambling two sets of numbers and using Luhn check digits to determine which set to reverse using a formula.
The fact that they’re using plain text is the worst part of it and is just lazy. Clearly they haven’t been through any actual audit or this would’ve been stopped. Perhaps we need some kind of certification before accepting credit cards or just have some kind of temporary credit card number like PayPal used to do with online transactions (virtual card numbers, I think it was called). Even if they got the numbers, the accounts wouldn’t be valid for them to do anything with it anyway.
You heteros are just ruining the institution of marriage. 🙂
What Peter said AND you used bad math besides. If there are 60MM couples, that means there are 120MM individual married people. That makes the full 37MM number about 1/3 of all people. Additionally I’m sure that a high number of the total accounts are duplicates/fakes/trolls/non-married members, etc. So in reality it is some portion of the 13MM. So likely way less than 10% of the married U.S. population. Without a doubt though there are still an awful lot of people sweating it out.
Regardless of wether 13M or 37M of the people are US based a certain percentage of the user base are the “homewreckers”. People who aren’t married themselves but are seeking married individuals to hook up with for “the thrill”.
>If AshleyMadison members are primarily US based and married, that means there is nearly a 100% chance that if you are married and YOU aren’t on the site, your spouse is.
That’s a pretty bold claim since according to the Washington Post there are only about 13 million Americans registered on the site.
Great article Peter. Thanks for the link. 13 million certainly improves the odds. Although there were a few other interesting stats in there.
So the odds are worse if you go to college. Another reason for keeping people undereducated? 😉
Don’t forget that the company also owns cougar life and a few other dating sites as well that also were hacked, according to John McAfee…
http://siliconangle.com/blog/2015/07/21/the-ashley-madison-hack-age-of-self-delusion/
Agree. For me as someone in the IT Security field, the most troubling aspects are those of the Infosec variety…