GET THE FREE NATIONAL CYBER SECURITY APP FOR YOUR PHONE AND TABLET
Granted, the Ashley Madison hack is proving to be ripe ground for jokes from all over, particularly in terms of how many government officials’ email addresses were spotted on the information released from hackers. The appearance of Josh Duggar of “19 Kids & Counting” fame didn’t hurt matters for many either.
Beyond the jokes, beyond the atavistic “ha ha, you got caught!” thrill the Ashley Madison hack provided, there are deeper issues afoot that should leave all in range frightened.
It’s not so much the content, so much as it is the sheer amount of said content that was involved. The Ashley Madison hack involved 10 gigabytes of compressed data, ranging over 33 million accounts, the approximate equivalent of a little under half a Blu-ray disc’s worth of data.
That’s 10 gigabytes worth of email addresses, phone numbers, names, and even financial transactions. That includes the “guaranteed affair within three months” transaction and the “delete everything; I was never here” transaction.
Even worse, that includes information on PayPal accounts, on Windows keys, a host of internal documents and more, even things like server infrastructures for some businesses. That’s leading to some serious concerns about blackmail possibilities, as well as representing full-scale compromises of infrastructure, up to and including Windows domains.
All of this might be bad enough, but the Ashley Madison hack represents something different: a hack with information as its goal, rather than commerce at its ultimate end.
When a Home Depot or a Dairy Queen or similar company is hacked, it’s usually done with cash in mind, getting access to payment details to go run up charges elsewhere or transfer a load of cash to a bank account. The Ashley Madison hack, meanwhile, wanted information to reveal embarrassing facts; just look what it did to Josh Duggar.
What could this kind of hunt do for those with memberships to porn sites? Or to healthcare information storage? How long before some hacker’s going hunting for everyone treated for STDs or the like?
This isn’t just a data breach. This is a data breach with an agenda, and it represents something much more terrifying; the idea that one day wide scale data breaches could be used as weapons against individuals by assassinating character rather than bank accounts.
The idea of hackers going on the hunt for blackmail data rather than for financial data is infinitely more frightening; while a financial hack can be covered with insurance or with proper bank procedures—no payments on stolen data—an information theft about your after-hours proclivities can’t be so readily insured.
Even if it was proven wrong, a person’s public image could be forever tainted from one message board joined or one website surfed too often.
It’s easy to affect a self-righteous smirk at the adulterers running free on Ashley Madison, but tomorrow, that could be anybody, for a different reason. If Ashley Madison is the start of the change, we could be in for a lot more shocking revelations about many people out there…and we might well find ourselves the next victim.