http://arstechnica.com/security/2015/08/ashley-madison-hack-is-not-only-real-its-worse-than-we-thought/
By Dan Goodin
Ars Technica
Aug 19, 2015
The massive leak attributed to the hackers who rooted to the Ashley
Madison dating website for cheaters has been confirmed to be genuine. As
if that wasn't bad enough, the 10 gigabytes of data—compressed, no less—is
far more wide-ranging than almost anyone could have imagined.
Researchers are still poring over the unusually large dump, but already
they say it includes user names, first and last names, and hashed
passwords for 33 million accounts, partial credit card data, street names,
and phone numbers for huge numbers of users, records documenting 9.6
million transactions, and 36 million e-mail addresses. While much of the
data is sure to correspond to anonymous burner accounts, it's a likely bet
many of them belong to real people who visited the site for clandestine
encounters. For what it's worth, more than 15,000 of the e-mail addresses
are hosted by US government and military servers using the .gov and .mil
top-level domains.
The leak also includes PayPal accounts used by Ashley Madison executives,
Windows domain credentials for employees, and a large number of
proprietary internal documents. Also found: huge numbers of internal
documents, memos, org charts, contracts, sales techniques, and more.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
