NEW YORK – It was only a matter of time.
The stolen database of 32 million people who used the cheating website AshleyMadison.com has made its way to the web. And, it’s easily searchable on several websites.
Just plug in a name or email address, and you’ll find out if someone signed up for the service. If you know exactly what to look for, they can be found via regular web searches.
Usually, hacked data is difficult to reach or sort through. Stolen files are posted on the Dark Web, which requires a special web browser called Tor. And, they’re traded on file-sharing platforms, which also requires special software and clicking on dubious downloads.
But, now, anyone can check if his or her spouse was cheating by simply filling out a form.
Someone has even created a custom Google Map that displays some of Ashley Madison users’ addresses registered with the website.
[protected-iframe id=”74d3b3bda15242e76cb97c2cf4e4df4f-29519643-62065474″ info=”https://tecnilogica.cartodb.com/viz/56e702fe-4693-11e5-8f79-0e853d047bba/embed_map” width=”100%” height=”520″ frameborder=”0″ webkitallowfullscreen=”” mozallowfullscreen=”” allowfullscreen=””]
It’s difficult to verify the accuracy of these searching tools. But, at least one tool, which searches by email address, returns accurate results. CNNMoney verified this by plugging in email addresses of users it has independently verified.
The danger of being exposed is real.
Many of the cheaters exposed in this hack serve in the U.S. military, evident because they used email addresses that end in the .mil domain, adultery violates the Uniform Code of Military Justice. It’s a prosecutable offense that can land you a year in confinement and a dishonorable discharge.
There were also people who used Ashley Madison to engage in gay affairs, and there are 79 countries worldwide where homosexuality is illegal. In Afghanistan, Iran, Mauritania, Nigeria, Qatar, Saudi Arabia and the United Arab Emirates, the punishment is death.
A quick search of a small subset of Ashley Madison users listed two in the United Arab Emirates. Their addresses are most likely legitimate, because they were tied to the credit card they used to pay for the service, according to a computer researcher.
Tim Cook talked about this earlier this year when he said we don’t live in a post-privacy world, and absolute privacy of data still matters.
The Ashley Madison hack includes customer names, credit card data, physical addresses and sexual preferences. Some users were smart enough to use fake names, but financial data is legitimate. In total, the data makes it easy to hunt someone down.
The information is incredibly revealing. For example, the database shows if a person was listed as a married “male seeking male” with a “someone I can teach” sexual fantasy looking for a “boy next door” or an “attached female seeking male” with a “spanking” fantasy seeking “a Don Juan.”
The listed sexual fantasies range from master/slave relationships to cross dressing and exhibitionism.
This hack proves that you need to exercise extreme caution if you’re going to share your deepest, darkest secrets. Using your real name or payment information is a hazard. No website is impenetrable. Few websites practice good security standards. Even major American banks use second-rate security.
Ashley Madison had it even worse. As a hive of cheaters, it has long been the antagonist of betrayed spouses. It was an inevitable target for hackers. And, the company behind the website, Avid Life Media, knew it couldn’t protect user data.
That’s why, in fine print, Ashley Madison says, “We cannot ensure the security or privacy of information you provide through the Internet.” Compare that to the lofty promise it makes on the website front door for “100% discreet service.”