back to article Now Ashley Madison hackers reveal 'CEO's emails and source code'

Another load of internal files swiped by hackers from Ashley Madison have been leaked online – and they apparently feature the CEO's emails and the website's source code. The 18.5GB leak includes, it is claimed, archives of internal company emails, including one folder labeled Noel Biderman – the chief exec of Avid Life Media …

  1. oldtaku Silver badge
    Mushroom

    "No, that data dump is totally fa" *SMACK*

    Avid Life has been lying their ass off about this hack and filing fraudulent DMCA takedowns on people talking about it. This second dump seems like a bit of a smack in the face about that, especially given the 'Hey Noel' message.

    1. mafoo
      Mushroom

      Re: "No, that data dump is totally fa" *SMACK*

      Now their source code is out, they should shut down their servers until the extent of their vunerability can be established. (it powers a number of their other niche dating platforms)

      The company, frankly, is probably as good as dead now.

      At least they could go out gracefully and protect the privacy of their customers.

      1. Anonymous Coward
        Anonymous Coward

        "At least they could go out gracefully and protect the privacy of their customers"

        A company trying to make easy money in such a business? They will try to beat the horse long after its death and putrefaction.

        1. Anonymous Coward
          Anonymous Coward

          Re: "At least they could go out gracefully and protect the privacy of their customers"

          "They will try to beat the horse long after its death and putrefaction."

          Why would the horse be dead? Probably a large number of the email address in the data are special one use addresses set up by people for this, so they won't give a damn if they get leaked and will be quite happy to go on using the service. Only idiots would have used their work or home email address and if they're that stupid they'd probably have got caught eventually anyway.

      2. Anonymous Coward
        Anonymous Coward

        Or the opposite could happen....

        ... with 36 million cheaters exposed on just one site, cheating may have come "out of the closet" so to speak, and become more common and openly acknowledged. Being a cheater is probably more common than being gay, so qualifies as "normal" now. Once seen as such, cheaters might campaign for an equal right to "marriage" without fidelity. Now marriage has been redefined to not necessarily be between a man and a woman, it could also be redefined to not necessarily require a vow of fidelity.

        Once homosexuality was seen as "wrong" and was outlawed, perhaps one day cheaters will campaign that anyone who judges them as "wrong" is a cheater-phobic bigot, and have the law changed in their favour. After all, they can't help cheating, it's just down to their genetic makeup.

        1. Richard 12 Silver badge

          Re: Or the opposite could happen....

          That's comparing apples with spacescraft.

          Cheating is an action that is expected to cause harm, by definition.

          Swinging is fine, as those affected know and agree to it, but this place didn't claim to be helping swingers.

          1. P. Lee

            Re: Or the opposite could happen....

            >Cheating is an action that is expected to cause harm, by definition.

            Actually, no. Cheating just means you aren't following "the rules". "Survival of the fittest" implies it is prudent to break the rules if you can gain competitive advantage. Anyway, "the rules" are just a thing society made up and not an objective standard. Morality is just a social construct to increase our likelihood of survival, right? There are no moral absolutes, right?

            Besides, definitions can be changed, by law if required, allowing the police to be used to enforce the change.

            1. Patrick Bateman

              Re: Or the opposite could happen....

              Rubbish. Human society is no longer purely driven by "survival of the fittest" in its most basic sense. Otherwise e.g. there would be no ugly people, no one would marry or care for a disabled person, etc. We have rules that we have deemed make us more advanced than that. Yes, a male monkey will shag his way through all the females in the group, but humans, in most societies, have very strongly ingrained expectations of monogamy and fidelity. It's not just rules, it's deeply rooted social mores. These have been universally agreed upon because they make better the lives of individuals, and make society work better. It doesn't apply in all societies, and often the taboo of cheating is broken, for we are fairly pathetic meatbags with barely any self control - but to return to the other poster's point, cheating absolutely is a very harmful act. Just wait until it happens to you, and you're howling your guts out...

            2. Anonymous Coward
              Anonymous Coward

              Re: Or the opposite could happen....

              "Cheating is an action that is expected to cause harm, by definition.

              Actually, no"

              Eh? WHatever your thought on the morality of cheating, of course it causes harm. It wouldn't be cheating if the other partner knew about it. Can you find one person who thought that when they found out their partner was cheating it didn't cause any (emotional) harm?

              "Cheating just means you aren't following "the rules". "Survival of the fittest" implies it is prudent to break the rules if you can gain competitive advantage."

              Murder a love rival just means you aren't following "the rules". "Survival of the fittest" implies it is prudent to break the rules if you can gain competitive advantage.

              Cheating involves lying, breaking a trust, possible tearing apart a family and possibly psychologically affecting the parties involved. This isn't a moralistic standpoint, this is just what generally happens. If you deem that anything is go as long as you "get ahead", whether it breaks the rules, allows you to lie, makes you untrustworthy, commit any act you think necessary then I, for, one, would not want to work with you or have a business relationship with you.

            3. Edwin

              Re: Or the opposite could happen....

              Let's not get sidetracked by the AM business model - whether acceptable or not (and whatever you think of cheaters), the real criminals here are the hackers. And while it may have been prudent (or even wise) for AM to shut down after the first threats, you're then demonstrating to the criminal community that hacking pays. So next, someone can hack the mime club website and blackmail them into shutting down because Lord Vetinari can't abide mimes.

              Personally, the Impact Team rationalisation looks backwards to me anyway. Which is more likely:

              - someone with a seriously skewed moral compass feels it's OK to hack a website, kill a company and cause millions of people significant discomfort because they think it's "wrong"

              or

              - someone noticed they could hack into the AM website and pilfer the data, and then needed a rationalisation for doing something truly reprehensible.

              Either way, let's not forget who the criminals are in this case.

        2. web_bod

          Re: Or the opposite could happen....

          Jesus - how fucked-up is your sense of morality?

          Marriage equality - is just about that - let anybody marry whoever they want.

          If you're not prepared to be monogamous nothing's forcing you to get married.

          Marriage is specifically about committing to one person - whoever they are.

          There is no genes for for sexual preference just as there are no genes for being a twat.

      3. John Tserkezis

        Re: "No, that data dump is totally fa" *SMACK*

        "At least they could go out gracefully and protect the privacy of their customers."

        AM is still advertising on TV in Sydney Australia. I guess they're hoping no-one has heard what's happend.

        Then again, if you're too busy shagging someone else, you're too busy to watch TV. Losers. Or maybe not (hey, I'm not getting any).

        1. 404

          Re: "No, that data dump is totally fa" *SMACK*

          Got some AM spam the day of the first data dump - wife and I had a good laugh at the audacity and skill shown to evade our spam filters as it was formatted to look like real email.

          Real bastards right there.

        2. h4rm0ny

          Re: "No, that data dump is totally fa" *SMACK*

          >>"AM is still advertising on TV in Sydney Australia. I guess they're hoping no-one has heard what's happened"

          I don't know but would guess, that TV ads aren't sold and organized the week before they air on a "let's buy an ad slot before tomorrow's Coronation Street, I'm feeling like it". I also don't know but would guess, that calling up a TV station and saying "we've changed our mind about that ad slot on Tuesday can we have our money back please?" doesn't get you a full refund.

          1. Danny 14

            Re: "No, that data dump is totally fa" *SMACK*

            or just join a religion that allows multiple spouses.

            Just saying.

  2. Destroy All Monsters Silver badge
    Holmes

    Eagerly awaiting largish papers about sexual mores

    ...duly published in Nature.

  3. Turtle

    Taking A Dump On Users and Operators Alike.

    Does this second dump make it more likely that the "hack" was actually an inside job? That this might have been an inside job was mooted in an earlier story but the possibility seems to be been either forgotten or, perhaps, dismissed. If dismissed, it would be interesting to know why.

    1. Anonymous Coward
      Anonymous Coward

      Re: Taking A Dump On Users and Operators Alike.

      Given the data from the first hack, which included internal documents, it was either an inside job, or the hackers got into the internal network.

      They've pretty much got everything, including the desk floor plan!

      (I'm not kidding, they really have got the desk floor plan!)

  4. MattPi

    "internal company emails can be very damaging to a company's reputation"

    That presupposes the company has a positive reputation to start with.

  5. Anonymous Coward
    Thumb Up

    I have an idea...

    Surely about time Yahoo! or Microsoft bought ALM; both companies are after all well known of paying cheaply for winners and getting the biggest bang for their buck, as it were.

    Indeed Microsoft could add an Ashley Madison app to every Lumia: "you've been screwed by us, now get screwed by..."

    1. LucreLout

      Re: I have an idea...

      @Skydweller

      Surely about time Yahoo! or Microsoft bought ALM; both companies are after all well known of paying cheaply for winners and getting the biggest bang for their buck, as it were.

      Given the apparent lack of interfacing with others most ALM users were doing, Apple is surely a more appropriate buyer?

  6. Anonymous Coward
    Anonymous Coward

    Stats

    Given the stats that have been extracted can we expect to see a list of public servants by country and department and ten a list of politicians?

    Those figures would be mist revealing.

  7. Mark 85

    Whatever panic there was amongst users....

    is probably nothing to the panic going on in the C-suites. There's probably some behind the scenes stuff going on at the places with "work addys" used also... possibly a bunch employees who have just <cough>resigned<cough>. This is taking pot-stirring and shit disturbing to a new height... or maybe it's a new low depending on viewpoint.

    1. Anonymous Coward
      Anonymous Coward

      Re: Whatever panic there was amongst users....

      "...who have just <cough>resigned<cough>"

      It depends. If you actually mean "resigned" then possibly through embarrassment. However I don't think there will be many if any who have been fired. It would require quite a tight e-mail policy to not allow any personal e-mails, and then to prove that the recipient was the original person who signed up, and that it was gross misconduct and that if deemed gross misconduct why no steps were taken to clock the site from work computers. Then if that employee demanded that an investigation was done to see if any non-work e-mails existed on all other users PCs including in the spam folders.

      All in all, it would be difficult to secure a reasonable case for dismissal (unless the CEO was the wife of the employee who's e-mail details have been discovered.)

  8. Anonymous Coward
    Anonymous Coward

    One in four say they are single, so not everyone was using the site to cheat on a partner or spouse

    so 1 in 4 did try to cover their tracks! Only forgot to spoof their gov. address or home coordinates, lol.

  9. John Tserkezis

    Breakdown by tech company was interesting.

    Is IBM that bad a place to work for that you need to get laid afterwards?

    1. mark 177
      Joke

      Re: Breakdown by tech company was interesting.

      Well, once you've got used to being screwed, it kind of gets addictive.....even outside working hours

  10. Anonymous Coward
    Anonymous Coward

    another free treasure

    for intelligence services around the world. Well, as long as their boss is not on the list. Or the boss of their boss. Either way, very busy weekend checking those records...

  11. Mike Flugennock

    Hot damn, now we're getting somewhere

    IBM and HP leading the pack? Why am I not surprised?

  12. Gannon (J.) Dick
    IT Angle

    You know ...

    ... you've been spending way too much time in your cubicle at the server farm when you find yourself saying ... OH MY GOD, THEY GOT THE SOURCE CODE !!!!!!!!

  13. Mark 85

    The Panic Spreads....

    Per the Associated Press... http://hosted2.ap.org/APDEFAULT/3d281c11a96b4ad082fe88aa0db04305/Article_2015-08-20-US--Cheating%20Website/id-229e9627bfab4e88ac454a3bec519725

  14. Stevie

    Bah!

    First: A website aimed at helping cheaters run around on their spouses has no reputation to protect.

    Second: Does anyone really give a fuck about this?

    1. 404

      Re: Bah!

      I do.

      I'm hoping it will make my clients' users be a little more circumspect about what they do on company equipment/bandwidth - wouldn't that be a nice bonus?

  15. skeptical i
    Devil

    Not long ago the radio announcer said

    that a group of divorce lawyers was eagerly awaiting "Christmas in September" as a result of this data dump. Seems that if anyone with a pulse and a keyboard could create an indelible account using anyone else's email address perhaps "post-Christmas-regifting-day in September" might be of more appropriate scale.

  16. Anonymous Coward
    Anonymous Coward

    Reports of lack of verfication

    Considering the number of places that have reported that the site never verified if an email was valid, how hard would it be to sign up with your friendly manager's email address, or your not so friendly VP's email address, etc. Trying to get them more spam.

    I know one person (not at the company I am at) that was so upset with his manager, that he signed him up for every adult website of any kind he could find, so that his inbox would have hundreds of adult advertisements per day, for the most obscure fetishes you could find.

    Of course the tech giants have a fair number of addresses in the DB, some valid, some not. If you have the number of employees that these companies have, this is like 0.0001%

    1. Anonymous Coward
      Anonymous Coward

      Re: Reports of lack of verfication

      Likely most will be exactly as they seem.

      But a significant little fraction will be fake accounts designed to bother the supposed adulterer.

      Amateur investigators verifying that details match the available information found on the Internet is obviously completely circular logic. Commenters pointing to 'but the credit card details...', are too thick to notice that the amateur investigators are typically not able to actually verify the credit card details.

      To be crystal clear, most are likely to be exactly as they appear. But what mechanism exists to weed out the innocent victims?

  17. Sureo

    FBI - RCMP - OPP - TPS

    Good luck!

  18. Schlimnitz

    Makes you wonder if one of those hackers didn't discover his other half had been cheating on him via AM. Seems like a very focussed and personal vendetta.

    1. Anonymous Coward
      Anonymous Coward

      Why the hacker should be 'he' and not 'she'?

      1. Anonymous Coward
        Anonymous Coward

        Hackers gender

        Statistically (based on AM user base and sexual preference) the "upset partner" theory would suggest a "she".

        Although I suspect "a hand acting independently of its owner" is a likely suspect as well.

  19. Old Handle

    I wonder, do their databases contain any information on how "successful" users were? I would think they would at least have records of which users exchanged messages, and quite possibly their content as well. If so, there's probably have enough dirt to keep tabloids busy for the test of the year at minimum.

  20. BinkyTheMagicPaperclip Silver badge

    Fake user source code

    It'll be interesting to see where the source code is that creates fake e-mails to keep the punters on the site, which everyone knows happens.

  21. lansalot

    best tweet..

    Best tweet I've seen about this (can't find it now, typical) was along the lines of

    "Rather than stick with A.M and work out the problems, I'm off to find a younger, sexier website"

    :)

  22. Anonymous Coward 101

    The hackers were doing it wrong...

    They should have released the database bit by bit, thereby imposing greater pressure on AM to pay a ransom.

    1. Toastan Buttar
      Thumb Up

      Re: The hackers were doing it wrong...

      A la Monty Python 'Blackmail' sketch, with the 'ransom' demand increasing by the second?

      I like your thinking! :)

  23. disgruntled yank

    Unbelievably?

    "Unbelievably, it appears about 100 people used .gov.uk and .police.uk email accounts to sign up for Ashley Madison accounts."

    You expected more or fewer?

  24. John G Imrie

    Internal Emails

    Should be fun to find out exactly what the Company thinks of it's client base.

    1. h4rm0ny

      Re: Internal Emails

      >>"Should be fun to find out exactly what the Company thinks of it's client base."

      Doesn't really matter. With a sufficient volume of emails and the ability to present them selectively, you can make ANY company look like angels or devils according to which you wish to prove.

  25. Potemkine Silver badge
    Big Brother

    Some people may now realize that putting private and sensitive information on the web is not such a great idea anyway, even if one dare to guarantee them their data is safe

  26. Anonymous Coward
    Anonymous Coward

    AC for obvious reasons, but I've worked for a few of the companies on this list...

    Will be grabbing the dumps this weekend!

  27. Belardi

    They shouldn't have been hacked, even for such a scummy company. But hey, taking the money from cheaters who WOULD cheat anyway, why not?

    AM did not create the cheaters, they made it easier to do so and make a profit from it, nothing more.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like