Ashley Madison Hacking: The Dark Web Gets Even Darker

Case Code: ITSY087 Case Length: 16 Pages Period: 2015-2016 Pub Date: 2016 Teaching Note: Available

Price: Rs.500 Organization: Avid Living Media Industry: Portal Countries: US; Europe; Global Themes: MIS, Security and control in information system, Data Security, Cyber Security

Abstract Case Intro 1 Case Intro 2 Excerpts

Excerpts

Ashley madison’s business model

Even though anybody could register on the Ashley Madison site for free, users who wanted to seek partners for relationships and to read and send messages had to pay a fee, which started at US$49. Ashley Madison worked based on the payment made by users to buy credits. The basic package was 100 credits for US$49. For 30 credits, a member got a 30-minute chat session with prospective partners. Premium customers who paid US$250 got a money-back “affair guarantee”. The website promised to pay back the money if the member did not have an affair within three months. The member, mostly the man, had to pay for five credits to initiate a conversation with another member, mostly a woman. The response from the other member was free and there the conversation started. The website had a chat facility in which women could send messages for free but men had to pay to read them. The site allowed users to hide their account profiles for free. If users wanted to permanently delete their accounts from the website, they had to pay US$19 and select the ‘full delete’ option. The ‘full delete’ option once chosen, removed the user profile, site usage history, messages sent and received, and the photos uploaded on the site...

Big blow from the impact team

On July 12, 2015, ALM employees arrived at work to find a message from Impact waiting for them. In that message, Impact stated that they had stolen the data of 37 million members of Ashley Madison. In the message, Impact said, “Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms If ALM doesn’t comply, we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails...

Data leak by impact

Impact posted 25 gigabytes of user information online on August 18, 2015, as there was no reaction from ALM on its demand for the shutting down of the Ashley Madison and Established Men websites. The hacked information was released on BitTorrent in the form of a 10 gigabyte compressed archive. The data included names, passwords, addresses, and phone numbers submitted by users of the site. The data dump also included descriptions of what the users were seeking in an affair partner. For instance, one member wrote, “I’m looking for someone who isn’t happy at home or just bored and looking for some excitement.”..

Jittery subscribers

The hacking of Ashley Madison and the negative publicity surrounding the whole issue left a lot of existing and new customers of the site fearful. They felt that their existing relationships would be in trouble if their partners came to know that they had had an affair or had looked for an affair on Ashley Madison...

Bogus female profiles

Impact alleged that thousands of the female profiles on Ashley Madison were fake. According to the media sources, 31 million male profiles were competing for 5.5 million women profiles in the database. But most of the women never chatted with anybody...

The hack aftermath

The Ashley Madison hacking resulted in chaos in different sections of society. If reports were to be believed, two persons committed suicide after their details were leaked online. One was Captain Michael Gorhum, who had worked for 25 years with the San Antonio Police Department in Texas. His death came just days after his official email address was linked to an Ashley Madison account...

Ashley madison was not the first…

According to industry experts, 2014 was one of the worst years on record for data breaches in the US, with nearly 350 million records lost or stolen. While only the most high profile cases were reported in the media, small and medium enterprises (SMEs) were at high risk...

The road ahead

Analysts opined that Ashley Madison seemed to be out of danger from the consequences of lawsuits due to the terms and conditions it had laid down on the site which had to be accepted by the members before they logged in..

Exhibits

Exhibit I:An Image from Ashley Madison Website
Exhibit II:Message from the Impact Team to Ashley Madison Exhibit III:Avid Life Media’s Letter to its Subscribers following the Hack of Data by The Impact Team
Exhibit IV:Images from the “What’s Your Wife Worth” App
Exhibit V:Valid Ashley Madison Accounts Using Government Email Addresses Per Country
Exhibit VI:Number of Ashley Madison Accounts among the Largest Tech Companies

Buy this case study (Please select any one of the payment options)

Price: Rs.500 Instant Download

Price: Rs.500 Express Checkout

PayPal (11 USD)