Skip to main content

Advertisement

Advertisement

The biggest mistake AshleyMadison customers made: Using their credit cards

SAN FRANCISCO — Digital extortionists are holding the sexual profiles of potentially 37 million adulterers hostage after a breach of infidelity website AshleyMadison.com.

SAN FRANCISCO — Digital extortionists are holding the sexual profiles of potentially 37 million adulterers hostage after a breach of infidelity website AshleyMadison.com.

In a ransom message published on the site's homepage today (July 21), the hackers threaten to publish reams of private information unless AshleyMadison.com and its peer site, EstablishedMen.com, are taken offline. Among that information, the message states, are "all customer records" including "real names and addresses".

Which got me thinking about the tortured logistics of cheating. Putting aside the issue of doing it in the first place, many of the men and women who use AshleyMadison were apparently unaware—or did not care—that most websites now take every scrap of data they can and assemble highly detailed profiles of their users.

So even if you do not think you are giving away identifiable information, you probably are.

In this case, millions of people who were stepping out on their spouses—and hoping and praying today that the hackers do not dump their philandering secrets online—are discovering a serious breakdown in their operational security: They used personal credit cards to pay for the service.

Most people do not think about it when they swipe a credit card or give the number to an online retailer, but the transaction actually reveals quite a bit about you. First and foremost: your name. In the AshleyMadison hack, those responsible are threatening to expose data that include payment information linked to painfully sensitive details from users' profiles. Those profiles contain the findings of an extensive survey given to new AshleyMadison users asking them to outline their reasons for being on the site and their most secret sexual fantasies.

AshleyMadison boasts on its homepage that it is has more than 37.6 million anonymous members. It also touts that it is the leading dating service for "discreet" sexual encounters for married people. Yet while it offers methods for paying fees anonymously, many people apparently did not use them. And despite the site's assurances about privacy and discretion—including about how charges will show up on customers' bills—it is of little use if the data are linked on the back end in a way that hackers or malicious insiders can steal and leverage.

The site's parent company, Avid Life Media, declined to comment on its data-linking practices.

Of course, a few basic tricks make it possible to assure at least a modicum of anonymity transacting online. For those seriously concerned about online privacy—such as human rights activists, whistle blowers, and journalists—such tools as prepaid debit cards, encrypted e-mail, and anonymous browsing technologies are the coin of the realm. Many philanderers using AshleyMadison's services, who presumably took extraordinary steps to hide affairs from their partners, appear to have missed that memo. BLOOMBERG

Read more of the latest in

Advertisement

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.