The Ashley Madison Data Breach

Data breaches of major networks and corporate computer networks has become such a common phenomenon nowadays, that some incidents don’t even make it on the news. But the theft of over 31 million account profiles from the adultery website Ashley Madison, is not one of these easily ignored or forgotten cases. The data that was stolen was sensitive, including names, addresses, credit cards, sexual preferences. Not to mention, membership to the website itself implies a desire to want to cheat on a partner or spouse, which, in itself could potentially ruin many relationships.

If anything positive can be taken from the hack, it’s the fact that the collection of data serves as a great source of information about human sexuality online and offline, and what we look for in relationships, illicit or otherwise. This incredibly large data set provides interested parties an opportunity to analyze and draw insights from the data that would otherwise be incredibly difficult to collect.

The group taking credit for the act is an anonymous collective of hackers going by the moniker “Impact Team.” As Robert Hackett of Fortune reports, Avid Life Media, the parent company of the website, has placed a bounty on the hackers’ heads, offering up $500,000 (CAD) for any information that would lead to the arrest of the guilty party. The company first began receiving threats from back in July of last year, immediately appointing a team to investigate who the culprit might be, initially suspecting that the culprit was someone who may have worked for them on a contractual basis.

Toronto Police Services Superintendent Bryce Evans made the initial announcement:

“Today I can confirm that Avid Life Media is offering a $500,000 reward to anyone providing information that leads to the identification, arrest, and prosecution of the person or persons responsible for the leak of the Ashley Madison database.”

So what have some analysts found while analyzing the data?

Alex Krasodomski-Jones, a researcher for the Centre for the Analysis of Social Media (CASM), wrote a piece for Wired that outlined some of his findings. Krasodomski-Jones chose to focus on cultural differences among the user base:

  • Italian users were most likely to be looking for a short term relationship
  • German and Austrian users preferred a long term arrangement.
  • Brtis are three times more likely to be looking for a short term arrangement. Just one in twenty users were looking for a long-term relationship, compared with one in four in Germany.
  • Chinese users most frequently opted to keep things online, expressing a preference for a “cyber-affair”, something of no interest to Japanese and South Korean users.
  • Sixteen million people used the site in the US. Utah, Mississippi and South Carolina — which feature in the top five churchgoing American states – are Ashley Madison’s three best represented states per capita.

Robert Hansen, VP of WhiteHat Labs for WhiteHat Security, spoke to Tony Bradley of Forbes ( regarding some of the insights his company was able to uncover while combing through the Ashley Madison data. Hansen’s focus was on the type of email people used when signing up for an account, which sheds light on where people work, and how far some people will go to remain anonymous.

  • The vast majority of Ashley Madison clients use a webmail address presumably to hide their true identity and/or prevent their spouse from intercepting any Ashley Madison communications.
  • Well over 13,000 email addresses were from .MIL and .GOV domains and a handful of congressmen among the hacked data.
  • A substantial number of addresses from various Fortune 500 companies like Microsoft MSFT +0.00%, Cisco, Apple, and Bank of America.
  • Three accounts using email addresses.
Jason Quintal | December 18, 2015

Leave a Reply