The Ashley Madison breach is highly publicized because of the type of site … and who doesn’t love a good juicy story with their morning cup of joe. From a cybersecurity advisor point of view I fear this breach will have a higher success rate of follow-up attacks. Here is some of the intelligence shared with peers and clients:
- The named names (which may have just been tossed in their by pranksters) will be subject to a strong amount of email and social media attacks given the exposed personal data
- Individuals listed will do anything to clean up the mess, and honestly click on just about anything at this moment claiming to clear their name or about details of it being listed
- All of these “media” reports and exposures with people being called out on twitter, in blogs, and more will only result in the ability to hide malicious links within the fray
This goes beyond wanting those who go against your moral code and lands squarely in the hands of those who are tasked with protecting our lives and freedom. Immediate advice:
- Be careful with this information
- Do not click on any links claiming to save your information, and
- Recognize that others will try to leverage these details against you … be armed, please!
While I didn’t consider this scenario in the book, How Not To Be Hacked, the last chapters speak on how to lock down your identity and recover from such an exposure and I couldn’t recommend it more strongly today.
More than 15,000 emails revealed by the leak are hosted on US government and military servers, as well as numerous emails associated with individuals who work for the British government.
Controversial blogger Andrew Auernheimer has been busy naming names of powerful people exposed by the leak, including individuals from Naval Intelligence, the TSA, and the Attorney General’s office.