High-profile hackings of 2015: Ashley Madison

In Information Security ByTeam Acumin / 20th October 2015

You would have to have been living under a rock for the past few months to not have heard about the very high-profile hacking of Ashley Madison, a Canada-based dating and social networking site where people who are married or in serious relationships can seek an extra-marital affair. The data was dumped one month later, and details of subscribers to the site were made available on many darknet websites.

What happened?

In July 2015, the Ashley Madison website was attacked by hackers. They threatened to disclose the details they had acquired after breaching data if the website’s owners did not shut the service down.

How many records were accessed?

The personal details of around 30 million people were infiltrated during the data breach. Records that were accessed by hackers included email addresses, dates of birth, payment histories, sexual preferences, activity on the website and many other pieces of sensitive information, which could seriously compromise the users of the site.

Why did it happen?

Hackers claimed that they targeted Ashley Madison to show that the $20 fee the site charged to delete profiles on the website did not, in actual fact, completely remove an individual’s data from the database.

What has happened since?

Since the breach, a number of high profile people have been revealed as having accounts on Ashley Madison. They include reality TV stars Josh Duggar, Josh Taekman and Scott Disick.

Analysis of the leaked data also revealed that only 12,000 of the 5.5 million female accounts of the website were used on a regular basis, and that many of them were actually fake accounts created by Ashley Madison.

It was also revealed that due to Ashley Madison’s poor password encryption software and weak password choice by many of its members, cracking them was extremely simple to do.