Over the past couple of weeks, the promiscuity-purveying dating service Ashley Madison has found itself at the center of a very public hacking scandal. However, it’s now being suggested that the company might have launched a data attack of their own well before its users’ data was leaked.
The group of hackers that outed the site’s members last month also publicized some 30 gigabytes of emails supposedly from the site’s CEO, Noel Biderman. Now, evidence has been found among that data which suggests that Biderman may have sanctioned a hack on a rival dating service, according to a report from Krebs on Security.
The situation arose in 2012, when Nerve.com was adding a dating section to its site. Raja Bhatia, the CTO of Ashley Madison, found a vulnerability in the fledgling service and emailed Biderman suggesting that they launch an attack.
“I got their entire userbase,” Bhatia bragged in the leaked message, going on to suggest that the poorly built platform allowed him to turn paying users into non-paying users and even forge messages between them.
Months later, plans began to form for Ashley Madison to invest money in Nerve’s fledgling service. Bhatia asked Biderman if they should inform the site of their security issues, but seemingly didn’t receive a response. The deal fell through shortly afterwards.
The more information that emerges about Ashley Madison makes it increasingly difficult to find much sympathy for the victims of the hack — not that the cheating service engendered much sympathy in the first place.
Given that those among the top ranks of the company were so eager to launch an attack on a competitor, it was perhaps a simple matter of karma that saw Ashley Madison become the target of a more organized attack.
- Hackers steal as much as 10 percent of new cryptocurrency funds
- Equifax could make money from its own breach; 2.4 million more are exposed
- Obama’s cybersecurity commissioner offers advice on how to keep safe when shopping online
- Federal investigation into Equifax hack said to wither, even with more data exposed
- Companies are sorry about security flaws. Just not sorry enough to change