The Ashley Madison fiasco continues . A new data dump by a hacking group called the Impact Team has spilled even more data from the troubled infidelity website on to the internet. Whereas the previous dump contained over nine gigabytes of data, this one is reportedly bigger — much bigger.
More than 20 GB of data was put online with this second dump. That means more than 30 GB has leaked to the web thus far. The fact that there was a second dump at all raises serious questions.
First, exactly why hasn’t Avid Life Media been forthcoming with the public about this data breach? The company’s CEO, Noel Biderman, has been reluctant to declare the data woes the work of legitimate hackers. His blasé response earned the ire of the Impact Team. Instead of a note, the hackers leaked data for a second time with a snide remark.
“Hey Noel, you can admit it’s real now.”
But perhaps the Ashley Madison owners can’t afford to admit the truth. Remember, some victims of the data leak signed on to the service under the understanding that their information would be deleted from the site. One of the reasons this hacking group targeted the company was because they knew this wasn’t the case.
Holding on to information it claimed to have removed makes the site owners vulnerable to lawsuits. For instance, CNBC reports that a $760 million class-action lawsuit was filed on behalf of exposed Canadian citizens. It’s likely more suits will follow.
That was quick. The first class-action lawsuit against Ashley Madison is underway. http://t.co/fSiomo1MKK
— Kevin Roose (@kevinroose) August 20, 2015
An additional question to ask would no doubt concern how much data hackers have in their possession.
The hacking team made no indication in this recent dump or the previous one as to how much total data was acquired. While the first data leak exposed millions of customers, this one focused on Biderman and those in charge of Ashley Madison. Reports claim that the CEO’s emails were part of the data dump and, more concerning, the source codes for the website.
The use of source codes plays heavily into hacking sites like Ashley Madison. Their availability now means the cheating site is vulnerable to future data breaches.
Group behind Ashley Madison data hack says ‘full delete’ is a lie: “Too bad for those men” http://t.co/cOHPPonWZK pic.twitter.com/mB5AjolewQ
— ABC News (@ABC) August 20, 2015
Lastly, what lessons can be learned from the Ashley Madison data breach?
If there are other infidelity services on the web, they may want to look to Ashley Madison as an example of what not to do: Don’t store customer information, don’t mislead consumers about keeping their information (and charge them anyway), and don’t keep the data in an extremely hackable database (just waiting for bored black hats to come along).
Do you think there will be future Ashley Madison data dumps? Also, why do you think the owners of Ashley Madison refuse to acknowledge the truth of a leak… even after reliable sources have declared them legitimate?
[Image Credit: Carl Court/Getty Images]