Page 1 of 2

Re: Leaked AshleyMadison Emails Suggest Execs Hacked Competi

PostPosted: Tue Aug 25, 2015 8:50 pm
by admin
Was the Ashley Madison Database Leaked?
by KrebsonSecurity
August 18, 2015

NOTICE: THIS WORK MAY BE PROTECTED BY COPYRIGHT

YOU ARE REQUIRED TO READ THE COPYRIGHT NOTICE AT THIS LINK BEFORE YOU READ THE FOLLOWING WORK, THAT IS AVAILABLE SOLELY FOR PRIVATE STUDY, SCHOLARSHIP OR RESEARCH PURSUANT TO 17 U.S.C. SECTION 107 AND 108. IN THE EVENT THAT THE LIBRARY DETERMINES THAT UNLAWFUL COPYING OF THIS WORK HAS OCCURRED, THE LIBRARY HAS THE RIGHT TO BLOCK THE I.P. ADDRESS AT WHICH THE UNLAWFUL COPYING APPEARED TO HAVE OCCURRED. THANK YOU FOR RESPECTING THE RIGHTS OF COPYRIGHT OWNERS.


Many news sites and blogs are reporting that the data stolen last month from 37 million users of AshleyMadison.com — a site that facilitates cheating and extramarital affairs — has finally been posted online for the world to see. In the past 48 hours, several huge dumps of data claiming to be the actual AshleyMadison database have turned up online. But there are precious few details in them that would allow one to verify these claims, and the company itself says it so far sees no indication that the files are legitimate.

Update, 11:52 p.m. ET: I’ve now spoken with three vouched sources who all have reported finding their information and last four digits of their credit card numbers in the leaked database. Also, it occurs to me that it’s been almost exactly 30 days since the original hack. Finally, all of the accounts created at Bugmenot.com for Ashleymadison.com prior to the original breach appear to be in the leaked data set as well. I’m sure there are millions of AshleyMadison users who wish it weren’t so, but there is every indication this dump is the real deal.

Original story:

A huge trove of data nearly 10 gigabytes in size was dumped onto the Deep Web and onto various Torrent file-sharing services over the past 48 hours. According to a story at Wired.com, included in the files are names, addresses and phone numbers apparently attached to AshleyMadison member profiles, along with credit card data and transaction information. Links to the files were preceded by a text file message titled “Time’s Up” (see screenshot below).

Image
The message left by the latest group claiming to have leaked the hacked AshleyMadison.com database.

TIME'S UP!
Avid Life Media has failed to take down Ashley Madison and Established Men. We have explained the fraud, deceit, and stupidity of ALM and their members. Now everyone gets to see their data.
Find someone you know in here? Keep in mind the site is a scam with thousands of fake female profiles. See ashley madison fake profile lawsuit; 90-95% of actual users are male. Chances are your man signed up on the world's biggest affair site, but never had one. He just tried to. If that distinction matters.
Find yourself in here? It was ALM that failed you and lied to you. Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you'll get over it.
Any data not signed with key 6E50 3F39 BA6A D81D ECFF 2437 3CD5 74AB AA38 is fake.
Impact Team's statement on the release
Impact Team's PGP signature for the released statement
Impact Team's PGP Key
Torrent for the released data
Note from Quantum Magazine/Q7765:
We are not Impact Team, in case that wasn't clear.
Please use this data responsibly.
If you find our hosting of the release data useful, please consider looking at our text based magazine called Quantum.
Thank you.
- Quantum7765


From taking in much of the media coverage of this leak so far — for example, from the aforementioned Wired piece or from the story at security blogger Graham Cluley’s site — readers would most likely conclude that this latest collection of leaked data is legitimate. But after an interview this evening with Raja Bhatia — AshleyMadison’s original founding chief technology officer — I came away with a different perspective.

Bhatia said he is working with an international team of roughly a dozen investigators who are toiling seven days a week, 24-hours a day just to keep up with all of the fake data dumps claiming to be the stolen AshleyMadison database that was referenced by the original hackers on July 19. Bhatia said his team sees no signs that this latest dump is legitimate.

“On a daily basis, we’re seeing 30 to 80 different claimed dumps come online, and most of these dumps are entirely fake and being used by other organizations to capture the attention that’s been built up through this release,” Bhatia said.


“On a daily basis, we’re seeing 30 to 80 different claimed dumps come online, and most of these dumps are entirely fake and being used by other organizations to capture the attention that’s been built up through this release,” Bhatia said. “In total we’ve looked at over 100GB of data that’s been put out there. For example, I just now got a text message from our analysis team in Israel saying that the last dump they saw was 15 gigabytes. We’re still going through that, but for the most part it looks illegitimate and many of the files aren’t even readable.”

The former AshleyMadison CTO, who’s been consulting for the company ever since news of the hack broke last month, said many of the fake data dumps the company has examined to date include some or all of the files from the original July 19 release. But the rest of the information, he said, is always a mix of data taken from other hacked sources — not AshleyMadison.com.

“The overwhelming amount of data released in the last three weeks is fake data,” he said. “But we’re taking every release seriously and looking at each piece of data and trying to analyze the source and the veracity of the data.”

Bhatia said the format of the fake leaks has been changing constantly over the last few weeks.

“Originally, it was being posted through Imgur.com and Pastebin.com, and now we’re seeing files going out over torrents, the Dark Web, and TOR-based URLs,” he said.

To help locate new troves of data claiming to be the files stolen from AshleyMadison, the company’s forensics team has been using a tool that Netflix released last year called Scumblr, which scours high-profile sites for specific terms and data.

“For the most part, we can quickly verify that it’s not our data or it’s fake data, but we are taking each release seriously,” Bhatia said. “Scumbler helps accelerate the time it takes for us to detect new pieces of data that are being released. For the most part, we’re finding the majority of it is fake. There are some things that have data from the original release, but other than that, what we’re seeing is other generic files that have been introduced, fake SQL files.”

Bhatia said this most recent leak is especially amusing because it included actual credit card data, even though AshleyMadison.com has never stored credit card information.

“There’s definitely not credit card information, because we don’t store that,” Bhatia said. “We use transaction IDs, just like every other PCI compliant merchant processor. If there is full credit card data in a dump, it’s not from us, because we don’t even have that. When someone completes a payment, what happens is from our payment processor, we get a transaction ID back. That’s the only piece of information linking to a customer or consumer of ours. If someone is releasing credit card data, that’s not from us. We don’t have that in our databases or our own systems.”

Image
A screen shot of the archive released recently that many believe is the leaked AshleyMadison database.

I should be clear that I have no idea whether this dump is in fact real; I’m only reporting what I have been able to observe so far. I have certainly seen many people I know on Twitter saying they’ve downloaded the files and found data from friends who’d acknowledged being members of the site.

Nearly every day since I first reported the exclusive story of the Ashley Madison hack on July 19, I’ve received desperate and sad emails from readers who were or are AshleyMadison users and who wanted to know if the data would ever be leaked, or if I could somehow locate their information in any documents leaked so far. Unfortunately, aside from what I’ve reported here and in my original story last month, I don’t have any special knowledge or insight into this attack.

My first report on this breach quoted AshleyMadison CEO Noel Biderman saying the company suspected the culprit was likely someone who at one time had legitimate access to the company’s internal networks. I’d already come to the same conclusion by that time, and I still believe that’s the case. So I asked Bhatia if the company and/or law enforcement in Canada or the United States had apprehended anyone in relation to this hack.

Bhatia declined to answer, instead referring me to the written statement posted on its site today, which noted that investigation is still ongoing and that the company is simultaneously cooperating fully with law enforcement investigations, including by the Royal Canadian Mounted Police, the Ontario Provincial Police, the Toronto Police Services and the U.S. Federal Bureau of Investigation.

“This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities,” the statement reads. “We know that there are people out there who know one or more of these individuals, and we invite them to come forward. While we are confident that the authorities will identify and prosecute each of them to the fullest extent of the law, we also know there are individuals out there who can help to make this happen faster.”

Readers should understand that if this dump does turn out to be legit, that just finding someone’s name, email address and other data in the archives doesn’t mean that person was a real user. As the above-mentioned Graham Cluley points out, AshleyMadison never bothered to verify the email addresses given to it by its users.

“So, I could have created an account at Ashley Madison with the address of barack.obama@whitehouse.gov, but it wouldn’t have meant that Obama was a user of the site,” Cluley wrote. “Journalists and commentators would be wise to remember that the credentials stored by Ashley Madison must be considered suspect because of their shonky practices, even before you start considering whether any leaked databases are falsified or not.”

Re: Leaked AshleyMadison Emails Suggest Execs Hacked Competi

PostPosted: Tue Aug 25, 2015 9:04 pm
by admin
Statement from Avid Life Media Inc.
August 18, 2015

NOTICE: THIS WORK MAY BE PROTECTED BY COPYRIGHT

YOU ARE REQUIRED TO READ THE COPYRIGHT NOTICE AT THIS LINK BEFORE YOU READ THE FOLLOWING WORK, THAT IS AVAILABLE SOLELY FOR PRIVATE STUDY, SCHOLARSHIP OR RESEARCH PURSUANT TO 17 U.S.C. SECTION 107 AND 108. IN THE EVENT THAT THE LIBRARY DETERMINES THAT UNLAWFUL COPYING OF THIS WORK HAS OCCURRED, THE LIBRARY HAS THE RIGHT TO BLOCK THE I.P. ADDRESS AT WHICH THE UNLAWFUL COPYING APPEARED TO HAVE OCCURRED. THANK YOU FOR RESPECTING THE RIGHTS OF COPYRIGHT OWNERS.


Toronto, ON August 18, 2015 – Last month we were made aware of an attack to our systems. We immediately launched a full investigation utilizing independent forensic experts and other security professionals to assist with determining the origin, nature, and scope of this attack. Our investigation is still ongoing and we are simultaneously cooperating fully with law enforcement investigations, including by the Royal Canadian Mounted Police, the Ontario Provincial Police, the Toronto Police Services and the U.S. Federal Bureau of Investigation.

We have now learned that the individual or individuals responsible for this attack claim to have released more of the stolen data. We are actively monitoring and investigating this situation to determine the validity of any information posted online and will continue to devote significant resources to this effort. Furthermore, we will continue to put forth substantial efforts into removing any information unlawfully released to the public, as well as continuing to operate our business.

This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities. The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society. We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world. We are continuing to fully cooperate with law enforcement to seek to hold the guilty parties accountable to the strictest measures of the law.

Every week sees new hacks disclosed by companies large and small, and though this may now be a new societal reality, it should not lessen our outrage. These are illegitimate acts that have real consequences for innocent citizens who are simply going about their daily lives. Regardless, if it is your private pictures or your personal thoughts that have slipped into public distribution, no one has the right to pilfer and reveal that information to audiences in search of the lurid, the titillating, and the embarrassing.

We know that there are people out there who know one or more of these individuals, and we invite them to come forward. While we are confident that the authorities will identify and prosecute each of them to the fullest extent of the law, we also know there are individuals out there who can help to make this happen faster. Anyone with information that can lead to the identification, arrest and conviction of these criminals, can contact information@avidlifemedia.com.

Please direct all media inquiries to: media@avidlifemedia.com

Re: Leaked AshleyMadison Emails Suggest Execs Hacked Competi

PostPosted: Tue Aug 25, 2015 9:11 pm
by admin
Ashley Madison's leaked database available for download - read this first
by Graham Cluley
August 18, 2015

Image

What's happened?

As I'm sure you'll remember, popular adultery website Ashley Madison got hacked in July. The hackers - who went by the name of the Impact Team - demanded that its owners, Avid Life Media, shut the site down and sister sites including Cougar Life and Established Men.

If their demands weren't met, the hackers threatened to release details of some 37 million Ashley Madison users.

And then?

Nothing. Well, Ashley Madison didn't shut down at least. Maybe some members tried to delete their accounts in panic (although that was rather like closing the door after the horse had bolted), and Avid Life Media generously decided to start offering account removals for free rather than charging $15.

So why are you writing about this again now?

Because people claiming to be the Impact Team have released what they say is the database of Ashley Madison users on torrent sites, available for anyone in the internet to download.

Image

That sounds bad. Is it?

Chances are that many people who are members of the Ashley Madison website will feel uncomfortable with their boss, friends, partner or mother-in-law knowing about it. So they probably won't be happy if the leaked database is genuine.

It's easy to imagine that some people might be vulnerable to blackmail, if they don't want details of their membership or sexual proclivities to become public.

Others might find the thought that their membership of the site - even if they never met anyone in real life, and never had an affair - too much to bear, and there could be genuine casualties as a result.

And yes, I mean suicide.

But if they're in the Ashley Madison website, don't they deserve what's coming to them?

No.

For one thing, being a member of a dating site, even a somewhat seedy one like Ashley Madison, is no evidence that you have cheated on your partner.

You might have joined the site years before when you were single and be shocked that they still have your details in their database, or you might have joined the site out of curiosity or for a laugh or even to find out if someone else was on the site... never seriously planning to take things any further.

But more importantly than all of that, if your email address is in the Ashley Madison database it means nothing. The owner of that email address may never have even visited the Ashley Madison site.

As Per Thorsheim explained in an article last month, Ashley Madison *never* bothered to verify the email addresses given to it by users.

So, I could have created an account at Ashley Madison with the address of barack.obama@whitehouse.gov, but it wouldn't have meant that Obama was a user of the site. (Apologies to Michelle for any concern I may have caused her by mentioning her husband's name in relation to this article - I'm sure he has more important things to do with his time than to join online dating sites, anyway)

Journalists and commentators would be wise to remember that the credentials stored by Ashley Madison must be considered suspect because of their shonky practices, even before you start considering whether any leaked databases are falsified or not.

Re: Leaked AshleyMadison Emails Suggest Execs Hacked Competi

PostPosted: Tue Aug 25, 2015 9:22 pm
by admin
The Ashley Madison hack - further thoughts on its aftermath
by Per Thorsheim
July 28, 2015

NOTICE: THIS WORK MAY BE PROTECTED BY COPYRIGHT

YOU ARE REQUIRED TO READ THE COPYRIGHT NOTICE AT THIS LINK BEFORE YOU READ THE FOLLOWING WORK, THAT IS AVAILABLE SOLELY FOR PRIVATE STUDY, SCHOLARSHIP OR RESEARCH PURSUANT TO 17 U.S.C. SECTION 107 AND 108. IN THE EVENT THAT THE LIBRARY DETERMINES THAT UNLAWFUL COPYING OF THIS WORK HAS OCCURRED, THE LIBRARY HAS THE RIGHT TO BLOCK THE I.P. ADDRESS AT WHICH THE UNLAWFUL COPYING APPEARED TO HAVE OCCURRED. THANK YOU FOR RESPECTING THE RIGHTS OF COPYRIGHT OWNERS.


Image

This weekend, I warned of the serious danger of jumping to the wrong conclusions if the Ashley Madison user database ever becomes public, and how - because the site doesn't properly authenticate email addresses - any such data doesn't prove anything.

I was shocked when Graham told me that my article had been picked up by British newspaper Daily Mirror.

But there have been other developments...

A call from an Ashley Madison user

I woke up sunday morning, and received an SMS in Norwegian, shortly after breakfast. Here is my simple translation:

"Dear Per Thorsheim! Thank you for your post at grahamcluley.com. I am one of those affected by the things you wrote about, and I feel bad. We need more like you out there to adjust the perspective."


Since then, I have exchanged many messages with this gentleman, and we have even spoken on the phone.

I don't know his name, but he is in his fifties, has kids and is married. Not long ago, during a hard period in his life, he created an account on the Ashley Madison site.

He says he looked around, and engaged in a little "dirty chat" with some women.

But he never met anyone. He says some people drink or finds other ways to vent their frustrations in life. To him flirting on the Ashley Madison website became a short escape from reality.

He regretted his actions, he told his wife, he was forgiven and life and marriage goes on.

But now he is afraid of the leaked data eventually being released publicly, because his kids, neighbours, colleagues and others may not understand his situation at all.

Stories of suicide

I came across an American news website that published a fake story about a man committing suicide in the aftermath of the Ashley Madison security breach. They even quoted the alleged suicide note which claimed the man's death was a direct consequence of the hack.

Image
Bogus news report of Ashley Madison-related suicide

[DELETE] of Chicago, IL, had been married for the past 11 years. He and his wife had two children, owned a home, and by all outward appearances were living the American dream. However, Donald was seeking intimate relationships with women other than his wife and was using the Ashley Madison site to do so.

In a suicide note recovered by police, [DELETE] expressed his regrets, and why he choose to take his own life. “I am sory[sic] for being unfaithful. I know that you will leave me now and take the kids. I know that I will be fired from my job at your fathers[sic] company and that my life as I know it is going to change drastically for the worse. So I’m just going too[sic] make it easy on you. You get everything. Goodbye.”

The corner’s report indicates that [DELETE] took a fatal dose of prescription medication. His death has been ruled a suicide, and authorities say they do not believe there was any foul play involved.


Why a website, purporting to contain legitimate news, would run a fake story about a man committing suicide after the Ashley Madison breach is beyond my understanding.

What I do know though, is that the press here in my home country of Norway are very careful around use of the word "suicide". There is a danger that if we talk about such personal tragedies in such detail in the press, that others may follow.

What the howling wolves doesn't seem to understand is what they are doing is online bullying. The kind of bullying that clearly can cause such personal tragedies.

"If they are cheating, they deserve it" the wolves reply.

While I totally disagree with that argument, let me add that their kids do not deserve to lose a parent. Their family doesn't deserve to lose a loved one. And that also applies to friends, colleagues, neighbors and others.

If you are found to have bullied somebody into suicide however... I believe you deserve jailtime for that.

Was Ashley Madison extorting money from users?

Many articles - including the one that The Intercept published - have mentioned that Ashley Madison demands money to have accounts deleted, and have described the practice as "extortion".

Image
Full Delete
Be Discreet, remove all traces of your usage for only [Euros] 15.00
DELETE YOUR PROFILE
Full Delete Removal Includes:
Removal of profile from search results
Removal of profile from the site
Removal of messages sent and received
Removal of messages from recipient's mailboxes including Winks & Gifts
Removal of site usage history and personally identifiable information from the site
Removal of photos
Note: It may take up to 48 hours for some traces of your profile to be fully removed.


(I'm pleased to hear that Ashley Madison is now allowing users to delete their accounts for free).

I have my own experiences of what some may consider extortion.

For instance, once, at a nightclub in Berlin, I was given a small card at the entrance. The waiters would cut small marks into the card when I ordered beer and drinks, and when I left the club they counted the marks and gave me the bill.

What would happen if I lost the card? I would have to pay the maximum price before I was allowed to leave. I remember considering that as "a funny way to commit extortion".

Another time, I acquired a free SSL certificate from one of the many certificate authorities out there. Did I read the EULA for that? Of course not! Silly me...

Because if I had I would have seen that I ever wanted or needed to revoke the certificate because my site and certificate became compromised, I would have to pay money to have it revoked. I wonder if The Intercept would consider that extortion as well?

The definition of extortion as far as I can see says that it is a criminal offence. Yet the three examples given above are all still legal as far as I know.

So don't beat Ashley Madison up for asking for money to have accounts deleted - you may not approve of that business practice, but users should really have read the EULA when they created their accounts in the first place.

What Ashley Madison did wrong was to to make it way too easy for people to create fake accounts using other peoples names, pictures and email addresses.

Raise your hand if you always read the EULA before signing up for a service or product, and I'll gift-wrap and send you a stone, so that you can throw the first one.

Re: Leaked AshleyMadison Emails Suggest Execs Hacked Competi

PostPosted: Tue Aug 25, 2015 9:30 pm
by admin
Man Outed In Ashley Madison Hack Commits Suicide
by Priscilla Mason
August 18, 2015
UNITEDMEDIAPUBLISHING.com

NOTICE: THIS WORK MAY BE PROTECTED BY COPYRIGHT

YOU ARE REQUIRED TO READ THE COPYRIGHT NOTICE AT THIS LINK BEFORE YOU READ THE FOLLOWING WORK, THAT IS AVAILABLE SOLELY FOR PRIVATE STUDY, SCHOLARSHIP OR RESEARCH PURSUANT TO 17 U.S.C. SECTION 107 AND 108. IN THE EVENT THAT THE LIBRARY DETERMINES THAT UNLAWFUL COPYING OF THIS WORK HAS OCCURRED, THE LIBRARY HAS THE RIGHT TO BLOCK THE I.P. ADDRESS AT WHICH THE UNLAWFUL COPYING APPEARED TO HAVE OCCURRED. THANK YOU FOR RESPECTING THE RIGHTS OF COPYRIGHT OWNERS.


Image

The recent Ashley Madison hacking incident drove one Chicago, IL man to take his own life.

Ashley Madison is a dating website which specializes in infidelity. As per the site’s FAQ, “… If you still feel that you will seek a person other than your partner to fill your unmet needs, then we truly believe that our service is the best place to start.”

But perhaps Ashley Madison is not the best place to start, as they recently announced their database had been hacked, and the personal information of millions of users stolen. The hackers, calling themselves ‘Impact Team’, released a manifesto where they call the site’s customers “scum bags”, and state their plans to continue releasing the personal information until ashleymadison.com is removed from the web.

Surprising to no one, the hacker’s actions are having serious -- and in one case, fatal -- consequences.

Donald Bradshaw of Chicago, IL, had been married for the past 11 years. He and his wife had two children, owned a home, and by all outward appearances were living the American dream. However, Donald was seeking intimate relationships with women other than his wife and was using the Ashley Madison site to do so.

In a suicide note recovered by police, Donald expressed his regrets, and why he choose to take his own life. “I am sory[sic] for being unfaithful. I know that you will leave me now and take the kids. I know that I will be fired from my job at your fathers[sic] company and that my life as I know it is going to change drastically for the worse. So I’m just going too[sic] make it easy on you. You get everything. Goodbye.”

The corner’s report indicates that Donald took a fatal dose of prescription medication. His death has been ruled a suicide, and authorities say they do not believe there was any foul play involved.

It’s unknown if or how Ashley Madison executives will respond, and all press inquiries from United Media Publishing have been ignored.

Re: Leaked AshleyMadison Emails Suggest Execs Hacked Competi

PostPosted: Wed Aug 26, 2015 1:36 am
by admin
TrustedSec, Others Confirm New Dump Of Estimated 200,000 Ashley Madison CEO Emails
by Lisa Brownlee
AUG 22, 2015

NOTICE: THIS WORK MAY BE PROTECTED BY COPYRIGHT

YOU ARE REQUIRED TO READ THE COPYRIGHT NOTICE AT THIS LINK BEFORE YOU READ THE FOLLOWING WORK, THAT IS AVAILABLE SOLELY FOR PRIVATE STUDY, SCHOLARSHIP OR RESEARCH PURSUANT TO 17 U.S.C. SECTION 107 AND 108. IN THE EVENT THAT THE LIBRARY DETERMINES THAT UNLAWFUL COPYING OF THIS WORK HAS OCCURRED, THE LIBRARY HAS THE RIGHT TO BLOCK THE I.P. ADDRESS AT WHICH THE UNLAWFUL COPYING APPEARED TO HAVE OCCURRED. THANK YOU FOR RESPECTING THE RIGHTS OF COPYRIGHT OWNERS.


After several false starts with dumps of corrupted and therefore inaccessible Ashley Madison CEO email files by hackers Impact Team TISI +%, a new file was dumped early this morning. This dump was confirmed by numerous sources, including Brian Krebs, who indicated that it looked “like the third . . dump is a corrected version of AshMad CEO’s inbox, to fix the last dump that was corrupted.”

TrustedSec also confirmed this morning that Impact Team had released a new dump “apparently fixing the zip file issue from the CEO’s emails from the 2nd dump release.” Further according to TrustedSec, the extracted size of the file is about 30G that “on first pass shows that it is a Gmail archive file, ranging from July 7, 2015 back to Jan 10, 2012.” The file “appears to contain approximately 200k total emails from 6800 unique senders to 3600 unique recipients.” TrustedSec indicated that it will not be doing any further analysis.

Image
(Photo by Carl Court/Getty Images)

Per Thorsheim, CEO and Security Adviser, God Praksis AS confirmed to me independently by email that there were 200,000 or more emails, with 93.2% percent downloaded. Thorsheim does not have the files and is reporting based on examination of external file directory.

Thorsheim stated that the attack on Ashley Madison/Avid Life Media is “terrifying because of the ferocity of the attack, the timing of data release to extend the ‘media life’ of the story. . .and the disrespect for Ashley Madison users, their family, friends and other innocent people being affected.”

“The combination of massive sensitive personal information, amount of users affected and ferocity and stamina of the attackers sends a strong signal to any business worldwide to brace themselves for the future,“ Thorsheim added.

As indicated in my previous report on the latest dumps, the potential stakes in this dump may be higher than in the dumps of user data.

There is sensitive intellectual property in these files including source code and now, accessible emails that most likely contain trade secrets, including business discussions, possibly about the planned IPO and other sensitive information.

Re: Leaked AshleyMadison Emails Suggest Execs Hacked Competi

PostPosted: Thu Aug 27, 2015 8:49 pm
by admin
“JOSH DUGGAR CHEATED WITH ME!”: WOMAN TELLS ALL ABOUT THEIR TWO SEXUAL ENCOUNTERS
by In Touch Weekly
August 26, 2015

NOTICE: THIS WORK MAY BE PROTECTED BY COPYRIGHT

YOU ARE REQUIRED TO READ THE COPYRIGHT NOTICE AT THIS LINK BEFORE YOU READ THE FOLLOWING WORK, THAT IS AVAILABLE SOLELY FOR PRIVATE STUDY, SCHOLARSHIP OR RESEARCH PURSUANT TO 17 U.S.C. SECTION 107 AND 108. IN THE EVENT THAT THE LIBRARY DETERMINES THAT UNLAWFUL COPYING OF THIS WORK HAS OCCURRED, THE LIBRARY HAS THE RIGHT TO BLOCK THE I.P. ADDRESS AT WHICH THE UNLAWFUL COPYING APPEARED TO HAVE OCCURRED. THANK YOU FOR RESPECTING THE RIGHTS OF COPYRIGHT OWNERS.


Image

In a bombshell world-exclusive interview with In Touch magazine, stripper and porn star Danica Dillon, 28, reveals she had sex not once, but on two separate occasions, with Josh Duggar, both occurring when his wife, Anna, was pregnant with their fourth child!

Danica — who passed a polygraph test conducted for In Touch by a top certified polygrapher on Aug. 24 — details her two sexual encounters with Josh in the new issue of +In Touch+, on newsstands now. The first occurred after Josh approached her at the Gold Club in Philadelphia, where she was performing, in mid-March and the second only a month later when Danica was performing at Creekside Cabaret in Colmar, Pa.

Image

“He walked into the Gold Club like a normal patron and said he’d been a fan for a long time and has watched my career grow — he even said from before my boob job until recently — and that he loved watching my very first scene on [an adult website],” she tells In Touch. “Then it got creepy.”

After watching her show and "eyeballing me," Danica says he bought $600 in private dances and then “asked me how would he be able to spend the evening with me.” She reveals to In Touch that Josh was violent with her when they had sex, he did not use protection and gave her thousands of dollars after their encounters.

Danica admits she “took the opportunity because Josh offered to gift [her] $1,500.” But soon after Josh arrived at her hotel room, things got rough.


Image

“He was manhandling me, basically tossing me around like I was a rag doll,” Danica, whose real name is Ashley Lewis, and although the sex was consensual, “It was very traumatic. I’ve had rough sex before, but this was terrifying.”

Josh, identified as one of the cheating spouses in the Ashley Madison hack, confirmed in a statement that he was unfaithful and had a pornography addiction: "I have been the biggest hypocrite ever. While espousing faith and family values, I have secretly over the last several years been viewing pornography on the Internet and this became a secret addiction and I became unfaithful to my wife."

Image

“I think that after I come out, there will probably be plenty more girls after me," Danica tells In Touch. “I actually really hope that his wife leaves him and takes his children away from him and leaves him a lonely, bitter man. I don’t think he deserves happiness.”

Read Danica’s full story about both of her sexual encounters with Josh Duggar only in the new issue of In Touch magazine, on newsstands now!

Re: Leaked AshleyMadison Emails Suggest Execs Hacked Competi

PostPosted: Thu Aug 27, 2015 8:55 pm
by admin
JOSH DUGGAR CONFESSES TO CHEATING ON WIFE ANNA, JIM BOB AND MICHELLE SPEAK OUT
by Carly Sitzer
Aug 20, 2015

NOTICE: THIS WORK MAY BE PROTECTED BY COPYRIGHT

YOU ARE REQUIRED TO READ THE COPYRIGHT NOTICE AT THIS LINK BEFORE YOU READ THE FOLLOWING WORK, THAT IS AVAILABLE SOLELY FOR PRIVATE STUDY, SCHOLARSHIP OR RESEARCH PURSUANT TO 17 U.S.C. SECTION 107 AND 108. IN THE EVENT THAT THE LIBRARY DETERMINES THAT UNLAWFUL COPYING OF THIS WORK HAS OCCURRED, THE LIBRARY HAS THE RIGHT TO BLOCK THE I.P. ADDRESS AT WHICH THE UNLAWFUL COPYING APPEARED TO HAVE OCCURRED. THANK YOU FOR RESPECTING THE RIGHTS OF COPYRIGHT OWNERS.


Image

Just one day after it was reported that Josh Duggar was one of the many people whose account with Ashley Madison — a dating service aimed at people in monogamous relationships looking to have affairs — was made public as part of a hack, the 27-year-old has released a statement confirming his infidelity.

Image

In the statement posted to his family’s site, the married father-of-four wrote:

“I have been the biggest hypocrite ever. While espousing faith and family values, I have secretly over the last several years been viewing pornography on the Internet and this became a secret addiction and I became unfaithful to my wife.

“I am so ashamed of the double life that I have been living and am grieved for the hurt, pain and disgrace my sin has caused my wife and family, and most of all Jesus and all those who profess faith in Him.

“I brought hurt and a reproach to my family, close friends and the fans of our show with my actions that happened when I was 14-15 years old, and now I have re-broken their trust.

“The last few years, while publicly stating I was fighting against immorality in our country, I was hiding my own personal failings.

“As I am learning the hard way, we have the freedom to choose to our actions, but we do not get to choose our consequences. I deeply regret all hurt I have caused so many by being such a bad example.

“I humbly ask for your forgiveness. Please pray for my precious wife Anna and our family during this time.”


Image

Josh had previously served as the executive director of FRC Action, which is subset of the Family Research Council — a lobbying group that advocates for “traditional family values.”

The group severed ties with the former 19 Kids and Counting star in May, shortly after In Touch Weekly revealed he molested five underage women, including four of his younger sisters, when he was a teenager.

Jim Bob and Michelle Duggar also addressed their oldest son’s latest controversy today, saying, “When we learned of this late last night our hearts were broken. As we continue to place our trust in God we ask for your prayers for Josh, Anna, our grandchildren and our entire family.”

Re: Leaked AshleyMadison Emails Suggest Execs Hacked Competi

PostPosted: Thu Aug 27, 2015 9:09 pm
by admin
Josh Duggar Paid for an 'Affair Guarantee' on Ashley Madison
BY CHRISTINA DUGAN @Christina_Dugan
08/21/2015 AT 10:00 AM EDT

NOTICE: THIS WORK MAY BE PROTECTED BY COPYRIGHT

YOU ARE REQUIRED TO READ THE COPYRIGHT NOTICE AT THIS LINK BEFORE YOU READ THE FOLLOWING WORK, THAT IS AVAILABLE SOLELY FOR PRIVATE STUDY, SCHOLARSHIP OR RESEARCH PURSUANT TO 17 U.S.C. SECTION 107 AND 108. IN THE EVENT THAT THE LIBRARY DETERMINES THAT UNLAWFUL COPYING OF THIS WORK HAS OCCURRED, THE LIBRARY HAS THE RIGHT TO BLOCK THE I.P. ADDRESS AT WHICH THE UNLAWFUL COPYING APPEARED TO HAVE OCCURRED. THANK YOU FOR RESPECTING THE RIGHTS OF COPYRIGHT OWNERS.


Image

Josh Duggar did not have to release any of his financial information in order to access Ashley Madison, the website created for those seeking extramarital affairs.

A few months after apologizing for his "wrongdoing" in the child molestation scandal, Duggar has confessed to cheating on his wife Anna, developing an Internet pornography addiction (which he later removed from his statement) and signing up for two paid subscriptions to Ashley Madison.

The "infidelity site," which prides itself with the motto "Life is Short. Have an Affair," is similar to most online dating sites: It's free ... to a certain extent.

According to the site, its service is completely free to sign up as a guest member. However, guest members have limited site usage.

As a guest member, you can receive winks, send and receive photos, add members to your Favorites list, reply to any "Full Member" and perform searches. However, a guest member cannot initiate any contact with full members.

As a full member, or a paid member, users are able to send a custom mail message, initiate a chat session, send a priority message or send virtual gifts to express his/her interest with the purchase of credits, according to the site.

Ashley Madison is different from other online dating sites in that users do not pay for monthly subscriptions but rather pay for credits. These credits can give you access to many different features, depending on how many you purchase.

Then, there is the "affair guarantee."

According to account information obtained by Gawker, Duggar, 27, had two different Ashley Madison subscriptions from February 2013 until May 2015, paying a total of $986.76.

According to the data, which was released by hackers on Tuesday, Duggar paid an initial fee of $249 that seems to have gone toward the purchase of an "affair guarantee." This paid feature can "increase your chances of having an affair from possibly to definitely or your money back," according to the site.

Amid the controversy, Duggar released a statement on the family's website, calling himself "the biggest hypocrite ever."

"While espousing faith and family values, I have been unfaithful to my wife," the statement continued. "I am so ashamed of the double life that I have been living and am grieved for the hurt, pain and disgrace my sin has caused my wife and family, and most of all Jesus and all those who profess faith in Him."

As far as Duggar's wife Anna is concerned, it seems like she will continue standing by her husband's side.

"Anna will not leave him," a source with ties to the family told PEOPLE. "As with her in-laws, she is turning more to her faith than ever. She and Josh are probably praying around the clock right now, I would assume."

Re: Leaked AshleyMadison Emails Suggest Execs Hacked Competi

PostPosted: Thu Aug 27, 2015 9:38 pm
by admin
Josh Duggar’s Ashley Madison Problem
by Andrea Denhoed
AUGUST 21, 2015

NOTICE: THIS WORK MAY BE PROTECTED BY COPYRIGHT

YOU ARE REQUIRED TO READ THE COPYRIGHT NOTICE AT THIS LINK BEFORE YOU READ THE FOLLOWING WORK, THAT IS AVAILABLE SOLELY FOR PRIVATE STUDY, SCHOLARSHIP OR RESEARCH PURSUANT TO 17 U.S.C. SECTION 107 AND 108. IN THE EVENT THAT THE LIBRARY DETERMINES THAT UNLAWFUL COPYING OF THIS WORK HAS OCCURRED, THE LIBRARY HAS THE RIGHT TO BLOCK THE I.P. ADDRESS AT WHICH THE UNLAWFUL COPYING APPEARED TO HAVE OCCURRED. THANK YOU FOR RESPECTING THE RIGHTS OF COPYRIGHT OWNERS.


Image
Josh Duggar and members of his family are interviewed for television.
CREDIT PHOTOGRAPH BY D DIPASUPIL/GETTY FOR EXTRA


The first outed celebrity in the Ashley Madison hacking dump is Josh Duggar, the eldest son of Jim Bob and Michelle Duggar, whose enormous, homeschooled, right-wing Christian clan was the subject of the TLC reality show “19 Kids and Counting.” It ran from 2008 until May of this year, when it was cancelled following a different sex scandal involving Josh: the revelation that he had been accused of molesting several underage girls, including some of his sisters, when he was fourteen years old.

Just a few months before the molestation charges came to light, the Duggars had been the target of a Change.org petition, with almost two hundred thousand signatures demanding that the family’s show be cancelled because of their active opposition to a local ordinance that would ban discrimination on the basis of sexual orientation or gender identity. (Josh Duggar has been particularly active in politics and was working for the political-lobbying branch of the conservative Family Research Council at the time, though he subsequently resigned.) When the allegations of molestation arose, Duggar’s critics couldn’t resist some gleeful schadenfreude, while allies like Mike Huckabee rushed to offer assurances that Josh was repentant, a changed man and the victim of vicious sensationalism. “Progressive trolls have been anxiously waiting for a chance to burn them down and dance on their ashes,” the conservative blogger Matt Walsh wrote of the family.

Josh’s sisters Jill and Jessa, who had been fondled by their brother, made statements in support of him, expressing shock that the incident had been made public. That the girls had this very personal trauma dragged into the town square does seem unfair. But perhaps not as unfair as their parents’ decision to raise them in “Truman Show”-like conditions as a model of a strong, values-driven Christian family—just a few years after they were sleeping with locks on their doors to safeguard them from the possibility of any further attacks by their brother. (Following the show’s cancellation, Jim Bob and Michelle wrote in a statement that “our desire in opening our home to the world is to share Bible principles that are the answers for life’s problems.”)

On Wednesday, just a few weeks after TLC formalized the cancellation of “19 Kids,” Gawker posted evidence that Josh Duggar was a paying member of Ashley Madison, the social-networking site made to facilitate illicit extramarital affairs. He’d spent almost a thousand dollars on two different accounts between February, 2013, and May, 2015, including an “affair guarantee” fee of two hundred and fifty dollars. (Ashley Feinberg, of Gawker, said that the news site had received an anonymous tip.) Yesterday afternoon, the Duggars issued a statement in which Josh wrote, “I have been the biggest hypocrite ever. While espousing faith and family values, I have secretly over the last several years been viewing pornography on the internet and this became a secret addiction and I became unfaithful to my wife.” (The statement was later edited to remove the reference to pornography and a reference to allowing “Satan to build a fortress” in his heart. Soon after that, it was removed entirely from the Duggars’ Web site, but has since been restored—quiet evidence of what must have been a behind-the-scenes P.R. scramble.) Reading between the lines, Josh creates a narrative of a slippery slope—the porn, the porn addiction, the unfaithfulness—which he slid down as though hypnotized. To members of the Duggars’ religious community, the path he outlines will have echoes of cautionary tales about dangerous appetites being given an inch and taking a mile.

This revelation comes at a time when the niche of conservative Christian homeschooling to which the Duggars belong can’t very well afford another disgraced celebrity. (I should note here that I grew up with Christian homeschooling, although I no longer have active connections with the community.) The past couple of years have been punctuated by scandals involving prominent figures in the movement. In October, 2013, Doug Phillips, of the Vision Forum, an organization that promoted the idea of “Biblical patriarchy,” stepped down from his role as president after being accused of sexually assaulting his children’s nanny several years before. In March, 2014, Bill Gothard, the founder of the Institute in Basic Life Principles, a homeschooling organization that promotes a strict conservative life style, with an emphasis on extremely modest dress and on women’s place in the home, was put on administrative leave (and later stepped down); an organization called Recovering Grace had released allegations from multiple former female employees of Gothard, many of whom were teen-agers when they worked for him, accusing him of sexual harassment. (The Duggars are known to have been involved with Gothard’s Institute.) In August, 2014, Michael Farris, the founder of the Home School Legal Defense Association and Patrick Henry College, sometimes known as “God’s Harvard,” released a statement disowning the ideas of Biblical patriarchy with which Phillips and Gothard are associated. Earlier that year, however, Patrick Henry College had been hit with its own scandal, when The New Republic published an extensive story about allegations that the administration had dismissed or ignored female students’ reports of sexual assault. (Patrick Henry disputed the story, calling it “unbalanced and inaccurate.”)

Over the same period, a Web site called Homeschoolers Anonymous started gathering stories of hypocrisy, neglect, abuse, and dissatisfaction from former homeschoolers. It’s become a gadfly in the community. Many of the movement’s leaders have been forced to acknowledge, even if it is to dismiss, the stories and critiques that the site publishes. (Full disclosure: I grew up with some of the leaders of H.A., but, then, I also grew up with people who would describe H.A. contributors as sensationalist, misguided strays who have been brainwashed by liberal institutions.) For a movement that has invested deeply, over the years, in the moral and practical superiority of its model for family life, the spate of bad publicity is particularly damaging.

The flip side of the strict sexual prohibitions in the culture to which the Duggars belong is a belief, sometimes bordering on the prurient, in the unbridled nature of male sexuality. Men are often portrayed as sexually ravenous, constantly on the edge of losing control of their libidos. Women, meanwhile, are generally seen as guardians of purity who must not stoke men’s passions. In the book “Growing Up Duggar,” the Duggar daughters write that their family has a code word (“Nike”) that they use to warn their dad and brothers to keep their eyes on their shoes when a woman who is deemed to be too immodestly dressed is approaching, “to help keep the guys’ eyes from seeing things they shouldn’t be seeing.” In an interview with Megyn Kelly shortly after the molestation charges were made public, Jessa said, by way of explaining her brother’s actions, “In Josh’s case, he was a boy, a young boy in puberty and a little too curious about girls. And that got him into some trouble.” Josh’s earlier scandal might be explained away, then, not just by his youth but by the fact that he was male. It’s not enough to argue that Josh Duggar acted out because he was repressed; there’s also the question of how these teachings affect a boy’s (or a man’s) understanding of his own sexual volition.

Walsh, the conservative blogger who defended Josh Duggar after the molestation story broke, was one of the few former supporters to comment on the Ashley Madison report. He tweeted, “I wrote a piece a while ago giving Josh Duggar the benefit of the doubt that he’d changed his ways and turned to God. I now regret that post.” Later, on Facebook, he wrote, “So I was wrong about Josh being a repentant man.” It’s a little odd to talk about these two very different episodes as though one were the natural sequel of the other, but Walsh isn’t the only one who had once been eager to attest to Josh Duggar’s moral rectitude. At the time of the first scandal, Mike Huckabee wrote, “The fact that he confessed his sins to those he harmed, sought help, and has gone forward to live a responsible and circumspect life as an adult is testament to his family’s authenticity and humility.” Jessa Duggar’s father-in-law, Michael Seewald, wrote that the molestation incident had been “laid to rest well over a decade ago with Josh’s repentance and reformation.” But the redemption story was a little too neat, and the capacity for moral perception that was claimed by Duggar’s former defenders was blithe. Those claiming to profess a philosophy built on human brokenness might take more of a pause before making a show of declaring people mended.