- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
re: ATTN OT Divorce Lawyers: Ashley Madison Info Dump Has Happened
Posted on 8/19/15 at 9:13 pm to Bestbank Tiger
Posted on 8/19/15 at 9:13 pm to Bestbank Tiger
The data contains all of the usernames for the entire site since 2008. It also contains the corresponding credit card payments for members who paid for the service. It's like any other dating service, signing up is free, but to do anything you have to pay.
The username/membership information is for anyone who signed up and may (but likely doesn't) contain any information that can be traced back to you. However, credit card authorizations generally require that you enter the name on the card and the billing address of the card. So people who paid for the service are at much greater risk of exposure.
I've looked through the actual data. It's organized like you'd expect database dumps to be organized. There are multiple tables with varying pieces of information. You can't just "look up" someone without matching up the member number from table to table.
If someone used a their legitimate (commonly known) email address, then you could search that table to get their member number. Then from there, you could cobble together their "preferences".
Searching by name is trickier. The "name" data only appears with the payment data, and there are different files for each day (literally) since 2008. However, someone who's reasonably intelligent could append all of the payment tables together so they could search by name across all of the data at once. Again, you could back into other information once you knew the member number.
My guess is that AM will push takedown notices to websites who allow searching by first/last name. Searching by email isn't too helpful because I'd guess most people used a real (but not publicly known) email address.
By email "not being verified", they mean that you didn't have to click a link that was sent to you in order to continue using the site. For instance, this forum requires that you verify your account before you can post. That means there's a ton of "fake" information in the system. These likely won't have credit card info (and real names) attached though.
The username/membership information is for anyone who signed up and may (but likely doesn't) contain any information that can be traced back to you. However, credit card authorizations generally require that you enter the name on the card and the billing address of the card. So people who paid for the service are at much greater risk of exposure.
I've looked through the actual data. It's organized like you'd expect database dumps to be organized. There are multiple tables with varying pieces of information. You can't just "look up" someone without matching up the member number from table to table.
If someone used a their legitimate (commonly known) email address, then you could search that table to get their member number. Then from there, you could cobble together their "preferences".
Searching by name is trickier. The "name" data only appears with the payment data, and there are different files for each day (literally) since 2008. However, someone who's reasonably intelligent could append all of the payment tables together so they could search by name across all of the data at once. Again, you could back into other information once you knew the member number.
My guess is that AM will push takedown notices to websites who allow searching by first/last name. Searching by email isn't too helpful because I'd guess most people used a real (but not publicly known) email address.
By email "not being verified", they mean that you didn't have to click a link that was sent to you in order to continue using the site. For instance, this forum requires that you verify your account before you can post. That means there's a ton of "fake" information in the system. These likely won't have credit card info (and real names) attached though.
1
Posted on 8/19/15 at 9:53 pm to CMTiger101
quote:
CMTiger101
Thanks. That makes sense.
A smart person would probably do all fake information. You can buy disposable credit cards and use a PO Box and burn phone. That way it wouldn't be tied to your real name. That would especially be the case for a site like this. A single person wouldn't care if someone knew they were on Zoosk (although you still wouldn't want your credit card data breached.)
How much liability does Ashley Madison have here? I can see them being targeted by a public figure whose name was falsely used to create an account (negligence), or by people whose credit cards were stolen and who are now in the data dump.
Actual users might have a case too but it would be weaker because hacking is a well established risk on all sites and any problems they suffer are a result of things they shouldn't have done in the first place.
Page 1 of 1
Popular
Back to top
Follow TigerDroppings for LSU Football News