re: ATTN OT Divorce Lawyers: Ashley Madison Info Dump Has Happened

quote:

---

Researchers are still poring over the unusually large dump, but already they say it includes user names, first and last names, and hashed passwords for 33 million accounts, partial credit card data, street names, and phone numbers for huge numbers of users, records documenting 9.6 million transactions, and 36 million e-mail addresses. While much of the data is sure to correspond to anonymous burner accounts, it's a likely bet many of them belong to real people who visited the site for clandestine encounters. For what it's worth, more than 15,000 of the e-mail addresses are hosted by US government and military servers using the .gov and .mil top-level domains.

The leak also includes PayPal accounts used by Ashley Madison executives, Windows domain credentials for employees, and a large number of proprietary internal documents. Also found: huge numbers of internal documents, memos, org charts, contracts, sales techniques, and more.

"The biggest indicators to legitimacy comes from these internal documents, much containing sensitive internal data relating to the server infrastructure, org charts, and more," TrustedSec researcher Dave Kennedy wrote in a blog post. "This is much more problematic as it's not just a database dump, this is a full scale compromise of the entire companies [sic] infrastructure including Windows domain and more."

---

quote:

---

Already, websites are popping up that allow anyone to enter an e-mail address and find out if it was included in the dump. It wouldn't be surprising for the same thing to be done for phone numbers and other data fields. This massive leak isn't likely to end well for huge numbers of people.

---

quote:

---

Ok - so what happens when everyone and their mother starts distributing this list and starts adding the email addresses of people that they have a grievance against? You're just going to automatically assume everything that is on the internet is accurate right?

---

this is not how this works, the original file is a COMPRESSED 10 GB database file, this is massive. The source is already seeded, what you said will not happen, and some idiot tries that it would have been easily deteremined to be sourced elsewhere and have a different timestamp. This won't happen.

People are going to use this as an opportunity to fabricate the list and attempt to ruin people's reputations. Once there are 500 different lists out there, which one is the source of truth? This shite will become wikipedia real quick.

Again, the hackers went about this completely the wrong way. They're just feeding identity thieves.

quote:

---

People are going to use this as an opportunity to fabricate the list and attempt to ruin people's reputations. Once there are 500 different lists out there, which one is the source of truth? This shite will become wikipedia real quick.

---

No, it wont. The list is over 10 GB compressed, meaning it's way more when uncompressed, there's no online storage in the world to store this.

And the amount of work to extract a 10gb file, alter it, then recompress it after faking all the data fields and finding somewhere to host it, is bascially impossible.

Sorry bro, it's not going to happen.

quote:

---

So you're telling me people can't take the original list (that most people can't access through normal channels), and add email addresses to it?

---

it's not that simple. the fields are way more than just email address. The amount of work to doctor this verges on computer programming. that's not even considering the amount of bandwidth and storage you would need to host it. You just dont get it. it's not going to happen.

Sounds like somebody banged your wife baw.

quote:

---

it's not that simple. the fields are way more than just email address. The amount of work to doctor this verges on computer programming. that's not even considering the amount of bandwidth and storage you would need to host it. You just dont get it. it's not going to happen.

---

Take all of what you just said out of the equation - and let me remind you that the source is from a "credible" location on the dark/deep web (whatever you want to call it) that most of the general population has no clue about.

People can easily fabricate information and post it online saying it was from the original list (not saying they have to publish the entire list). Since most people don't have the means or time to go figure out how to find the "credible source" people won't question it and people are going to take advantage of that.

You're so fixated on all of the "technical limitations" that you're missing the point.

Annd the first big name to fall is none other than Josh Duggar LINK

quote:

---

Until a picture of your spouse spread eagle is attached to that e-mail address

---

I have no spouse so no worries

Sorry guys - I don't mean to rain on the parade here. It seems like the OT overwhelmingly wants this to be a success, but I don't see it happening. There are too many factors playing against the hackers here. The information HAS to be easier to find, it HAS to be credible, otherwise this shite is going to spiral out of control. Assuming their information is accurate, all it's going to do is put a lot of people's personal information (credit/bank information) in jeopardy.

Regardless of your standpoint on cheating, I think it's wrong to put this type of data out there on a silver platter for thieves to take advantage of.

quote:

---

This didn't take long, enter an email to see if it was in the database. Ruh-oh OT!

---

Not good at all............. LOL