Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Ashley Madison execs hacked competitors, wrote screenplay
http://arstechnica.com/security/2015/08/ashley-madison-roundup-execs-hacked-competitors-wrote-screenplay/
Ashley Madison execs hacked competitors, wrote screenplay
As information from hacking ring Impact Team is combed through, characters are revealed.
by Megan Geuss - Aug 25, 2015 2:40 am UTC
Last week, a hacking ring calling itself "Impact Team" released a trove of information collected by Ashley Madison, a dating site that connected people looking to have extramarital affairs. Not only were details pertaining to more than 30 million Ashley Madison accounts leaked, but Impact Team also dropped a 30-gigabyte archive which it said encompassed e-mails from the company's CEO, Noel Biderman.
In one of the more salient exchanges, according to KrebsOnSecurity, Ashley Madison's Chief Technology Officer Raja Bhatia apparently e-mailed Biderman in 2012 to tell him that he had discovered a security hole in a site called nerve.com, which operated a dating platform that was an Ashley Madison competitor at the time. A few months before, Nerve had approached Ashley Madison's parent company, Avid Life Media, with an offer to partner with the company. E-mails suggested that Bhatia offered at least $20 million for Nerve and another website called flirts.com, but Ashley Madison ended up declining pursuit of the deal.
When Bhatia started probing Nerve's site for weaknesses, however, he found some interesting things. As he wrote to Biderman, “They did a very lousy job building their platform. I got their entire user base. Also, I can turn any non paying user into a paying user, vice versa, compose messages between users, check unread stats, etc.” Bhatia included a link to a sample of the database, apparently.
Six months later, ahead of a meeting with representatives from Nerve, Biderman asked Bhatia, “Should I tell them of their security hole?” If there was a response, it did not take place over e-mail.
<snip>
Ashley Madison execs hacked competitors, wrote screenplay
As information from hacking ring Impact Team is combed through, characters are revealed.
by Megan Geuss - Aug 25, 2015 2:40 am UTC
Last week, a hacking ring calling itself "Impact Team" released a trove of information collected by Ashley Madison, a dating site that connected people looking to have extramarital affairs. Not only were details pertaining to more than 30 million Ashley Madison accounts leaked, but Impact Team also dropped a 30-gigabyte archive which it said encompassed e-mails from the company's CEO, Noel Biderman.
In one of the more salient exchanges, according to KrebsOnSecurity, Ashley Madison's Chief Technology Officer Raja Bhatia apparently e-mailed Biderman in 2012 to tell him that he had discovered a security hole in a site called nerve.com, which operated a dating platform that was an Ashley Madison competitor at the time. A few months before, Nerve had approached Ashley Madison's parent company, Avid Life Media, with an offer to partner with the company. E-mails suggested that Bhatia offered at least $20 million for Nerve and another website called flirts.com, but Ashley Madison ended up declining pursuit of the deal.
When Bhatia started probing Nerve's site for weaknesses, however, he found some interesting things. As he wrote to Biderman, “They did a very lousy job building their platform. I got their entire user base. Also, I can turn any non paying user into a paying user, vice versa, compose messages between users, check unread stats, etc.” Bhatia included a link to a sample of the database, apparently.
Six months later, ahead of a meeting with representatives from Nerve, Biderman asked Bhatia, “Should I tell them of their security hole?” If there was a response, it did not take place over e-mail.
<snip>
