The Ashley Madison Scandal Resurfaces

When Ashley Madison, the dating website for cheaters, launched in 2002, it was seen as a fringe space for clandestine affairs. However, by 2015, the site claimed 31.5 million members and boasted international, high-profile recognition. 

Despite a questionable mission — to foster and facilitate infidelity — Ashley Madison was primed to “go public” and hoped to increase its already staggering revenue. The 2015 data breach of the website, now a subject of the Hulu documentary, The Ashley Madison Affair, created devastating consequences for Ashley Madison members and their loved ones.

Although you may feel like Ashley Madison members “got what they deserved,” many saw their lives irreparably ruined. Any of us could suffer the disastrous effects of a website data breach. 

The aftermath of the scandal raises vital questions about online privacy, deceptive practices, hack attacks, and the consequences of hacktivism. 

Let’s take a look.

Ashley Madison rises to popularity

Cyber criminals have launched computer attacks for decades. However, when Ashley Madison launched in 2002, the Internet was still in its youth —  promises of privacy and secure exchange of sensitive personal information seemed like a novelty. 

According to the documentary, Ashley Madison was named for the two most popular female baby’s names of 2001. Nevertheless, this “ick” factor enhanced the shock value the brand sought. Members of the salacious website took the company at its word that their personal data would remain confidential. 

Edgy, humor-based ad campaigns and the media-friendly personality of CEO and founder, Noel Biederman, made Ashley Madison a well-known brand, and its popularity surged. According to the documentary, high profile members included state senators, a dozen members of the Vatican, and perhaps most infamously, Josh Duggar, the star of the “family values” reality show, 19 and Counting. 

Everyday, wannabe adulterers quickly joined Ashley Madison too. The “dating” site’s membership numbers through the years grew exponentially, as you can see here:

• January, 2002: 66,000 members
• August, 2002: 550,000 members
• 2007: 1.2 million members   
• 2008: 2.8 million members
• 2014: 22 million members

How cybercriminals attacked Ashley Madison

Ashley Madison promoted its services as discreet and confidential. However, several former employees of the matchmaking service interviewed in the documentary claimed that before the data breach scam, no measurable online security protocols were in place.

One former employee stated that as the company grew, no new cybersecurity measures were taken. Revenue and shock were the values that drove the company, and online protection felt like an afterthought. This made Ashley Madison extremely vulnerable to cyberattacks such as malware and ransomware.

How the attack occurred

In 2015, a still unknown hacker (or hackers) gained administrative access to the Ashley Madison website and database. This invisible malevolent party then demanded that the site be shut down within 30 days, or they would expose every member’s personal data. The brand and its parent company, Avid Life Media (now known as Ruby) refused to give into the demands.

One month later, the hackers finally made good on their word and dumped over 9.7 gigabytes in data on the dark web. Credit card information, personal phone numbers and email accounts, and home addresses of website members were posted.  

Who was impacted by the attack

Along with the aforementioned high profile Ashley Madison clients, 15,000 .gov and .mil addresses were exposed in the breach. Pastors, teachers, doctors, and lawyers were all among those who feared their adultery would come to light. Even CEO Noel Biederman did not emerge unscathed, as the hackers exposed his activity on various escort sites.

And yet, the data breach didn’t just impact those who had willingly utilized the website’s services. 

An interview subject in The Ashley Madison Affair recalled a woman who had signed on to the site to ensure her husband wasn’t cheating, but never interacted with other members. Her online security was destroyed and her personal, confidential information was exposed.  

The motivation of the hackers

As of 2023, those responsible for the Ashley Madison data breach haven’t been apprehended. There was a $500,000 reward offered for their identities. But no one came forward, nor did anyone claim responsibility for the attack. In The Ashley Madison Affair, cybersecurity journalist, Brian Krebs, suggested that the attack was highly personal.

Krebs believes that whoever orchestrated the attack was out for revenge — against Noel Biederman or against the brand. A former employee who had sent threatening and abusive emails to Biederman was initially suspected. But he died a year before the breach occurred.

The catfishing crimes of Ashley Madison

As the breach was under investigation, Ashley Madison came under fire for cybercrimes of its own. In The Ashley Madison Affair, former employees confessed that the extremely unbalanced ratio of female to male membership profiles was, in reality, even lower.

In 2015, the site claimed to have 27.5 million male members and 4.1 million female members. According to the documentary, hundreds of thousands of the female profiles were fake. A lawsuit filed by a former Ashley Madison employee claimed carpal tunnel damage (among other damages) as a result of building over 1,000 fake bot profiles.

Ashley Madison actively participated in the catfishing of their own clients. 

The consequences of the cyberattack and in-house cyber crimes 

In the years since the cyber attack against Ashley Madison, former members have lost everything as a result of the data breach. Some of the consequences of the scandal include:

• Ashleymadisonsucks.com: This spoof website served as an additional whistleblower to the catfished profiles on the Ashley Madison site. The dating site has since purchased this domain name and uses it for positive damage control.

• Loss of employment: Many members lost their jobs as a result of their association with the website.

• Dissolution of family: Understandably, numerous members saw their marriages end due to their exposed adultery.

• Suicide: Sadly, at least two Ashley Madison clients took their own lives due to the fallout from the scandal.

• Lawsuits: Along with the lawsuit filed by a former employee, Ashley Madison’s parent company lost a civil action suit filed by 2,500 victims and 18 named plaintiffs.

What Ashley Madison is doing now

Shockingly, Ashley Madison is still up and running, and can boast large amounts of revenue. They mitigated the data breach scandal through stepping away from the limelight, coming to a mutual resignation agreement with Noel Biederman, and by hiring Ernst and Young to tighten the site’s security protocols.

The website now has a system in place to erase all bot profiles and to protect the confidential information of its members.

What the scandal means for the rest of us

Since the Ashley Madison scandal has resurfaced, it begs the question “why”? Even if our Internet activity holds no nefarious intent, we put ourselves at risk every time we access the web.

Online privacy and cybersecurity are issues that even the most casual Internet users should take seriously. Cyber criminals are becoming increasingly sophisticated and can steal your information through a variety of hacks including catfishing, malware, and phishing schemes.  

If you take the cybersecurity and safety of your smart devices seriously, and worry about getting catfished online, Social Catfish has a great tool to help you ensure the legitimacy of your online contacts.

TRY SOCIAL CATFISH NOW

Check out the What is My IP Address blog for more insights and tips to keep your online life secure.