RTC02: Time’s up

This is one of a multi-part series. For other instalments, see Romancing the code: Ashley’s Angels and internet demons.

In July 2015, a group calling itself the Impact Team contacted ALM, ordering them to take down all iterations of AM, as well as an associated site, Established Men. As proof of both their intentions and their possession of the data, the Impact Team included a selection of files containing sensitive user data, and the following message:

Time's Up

Whatever the discussions behind the scenes, ALM did not comply, and over a series of days in August, the Impact Team released onto the dark net several large data-dumps. As part of one of these, in a README created at 22:01, 19th July 2015, the Impact Team wrote:

Avid Life Media runs Ashley Madison, the internet’s #1 cheating site, for people who are married or in a relationship to have an affair. ALM also runs Established Men, a prostitution/human trafficking website for rich men to pay for sex, as well as cougar life, a dating website for cougars, man crunch, a site for gay dating, swappernet for swingers, and the big and the beautiful, for overweight dating. […]

We are the Impact Team. We have hacked them completely, taking over their entire office and production domains and thousands of systems, and over the past few years have taken all customer information databases, complete source code repositories, financial records, documentation, and emails, as we prove here. And it was easy. For a company whose main promise is secrecy, it’s like you didn’t even try, like you thought you had never pissed anyone off.

Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails. The other websites may stay online.

So far, ALM has not complied.

The most significant contents of the datasets, for the purposes of this series of blog posts, were:

  • Five tables containing a wide array of information about thirty to forty million AM users, such as email addresses, physical addresses, phone numbers, relationship status (e.g. married or single, seeking men or women), height, weight, hair and eye colour, smoking and drinking habits, sexual preferences, and so forth.
  • 197,368 individual emails[1] from 10th Jan 2012 to 07th July 2015, to and from AM CEO, Noel Biderman (far more when the in-text quotations of other emails are taken into account) along with thousands of attachments, such as presentations, documents, and pictures.
  • Extensive .git source code for AM, plus several other related sites, apps, and tools, some complete and operating, others at various stages of development.
  • 2,642 CSV files, each containing one day of user payment transactions, dating from 21st March 2008 to 28th June 2015. These include usernames, offline names, email and physical addresses, and purchase details, including the last four numbers of the card used.

The data-dumps did not long remain on the dark net. Within hours they were available as torrents, and shortly after, the world’s media was already publishing incriminating details about a number of high profile figures. However, whilst interesting, or even critical to many, for the average individual without the necessary skills, software, and data-storage to decompress and then reconstruct the different data-types, despite the immediate availability of the data, the information contained within the files remained largely inaccessible.

 

Footnotes

[1] At least for the version that I found, the email data-dump download never progressed beyond 93%, so around 14,000-15,000 emails appear to be missing from the overall total.

 

Read the next instalment – RTC03: Missing pieces.