Another load of internal files swiped by hackers from Ashley Madison have been leaked online – and they apparently feature the CEO’s emails and the website’s source code.
The 18.5GB leak includes, it is claimed, archives of internal company emails, including one folder labeled Noel Biderman – the chief exec of Avid Life Media, Ashley Madison’s parent.
Given the size of the file and the relatively small number of people seeding it over file-sharing networks, it will be some time before it can be downloaded and its veracity ascertained. Several people who have tried to fetch the cache warned some of the compressed data is corrupted.
A torrent of the archive was published on the website of Impact Team, the Ashley Madison hackers. “Hey Noel, you can admit it’s real now,” the gang said in a message announcing the second archive.
On Tuesday, the group released a 9.6GB collection of user databases containing profiles, email addresses, fantasies, sexual preferences, etc, of as many as 36 million people who used Ashley Madison, a Tinder-for-adulterers website, and its sister site Established Men, which was set up for women to find sugar daddies.
Other information, including some users’ GPS coordinates, post codes and ZIP codes, dates of birth, hashed passwords, and partial credit card numbers, was also included.
Cindy Truyens managing Director at software quality specialist SQS commented on this second breach and has described it as much more than a data breach, and has dubbed it a software quality issue.
"With reports of a second data leak, the Ashley Madison data breach is not just a data breach. With employees apparently raising concerns over security procedures before the hack was revealed and reports of this being an insider job, this ‘hack’ has the hallmark of a software quality issue. Customer data security and monitoring measures should have raised an immediate alert to suspicious and/or unauthorised activity.
In a world where cyber criminals are getting smarter every day and the penalties for data breaches could destroy a business, it is vital that organisations don’t make life easy for hackers and ensure that quality assurance no longer take a backseat. The Ashley Madison data leak is a very stark reminder of the personal and business risks associated with providing and managing customer data, and suggests that the lack of software quality processes within organisations can, and will, affect consumers – something that brands should desperately be avoiding.
It has always been important to protect personal data, but in light of this and the reality of today’s ever changing digital environment, brands need to fully understand their data models; get to grips with their potentially unstructured, potentially poorly managed data and put processes in place to keep it safe. Defining, implementing and rigorously testing their data management procedures will enable institutions to get it right, to live up to their data privacy policies and to avoid catastrophic data breaches in the future.”
The post Now Ashley Madison hackers reveal ‘CEO’s emails and source code’ appeared first on IT SECURITY GURU.