UPDATED 21:47 EDT / AUGUST 20 2015

NEWS

New Ashley Madison hack data dump includes internal emails, source code

The hackers behind the hacking of extra-marital affairs site Ashley Madison struck again Thursday dumping a new release of 19GB of data.

Serial cheaters may not have a huge amount to fear from the new release however, with the dump including a 13GB file named noel.biderman.mail.7z, suggesting that it contains e-mail from Noel Biderman, the Chief Executive Officer of Avid Life Media, Inc., the parent company of Ashley Madison.

Ars Technica reports that file can’t be unpacked because it is inexplicably corrupted, noting that security researchers are suggesting that it could be intentionally fake.

A note with the data dump though is inexplicably clear, with The Impact Team (the individual or group behind the hack) stating simply “Hey Noel, you can admit it’s real now?”, a reference to attempts by Biderman and others to cast doubt as to whether the earlier release of hacked Ashley Madison data was legitimate.

Also included in the dump was the full source code to the Ashley Madison site, potentially allowing other hacking groups to find new ways to hack the site.

As security firm Trustsec explained in a blog post:

Interesting enough—if this turns out to be legitimate which it in all aspects appears to be—having full source code to these websites means that other hacker groups now have the ability to find new flaws in Avid Life’s websites, and further compromise them more.

If there was any question to the validity of the data before – those should be removed now.

The spin stops here

Despite various attempts to deny that the data released previously in the hack is legitimate, worldwide media attention, including in some cases details of individual users being published, has proven that no matter how much Avid Life Media wants to spin it, the dump is real and the cat, having being released from the bag, is unable to be returned.

What isn’t being discussed publicly though is some of the activities Avid Life Media is undertaking to try to push a line that the data is fake.

In a comment on KrebsonSecurity, the site that broke the hacking news initially, one commenter notes that there are fake copies of the dump being circulated, suggesting perhaps that the folks behind Ashley Madison themselves are putting out “false flag” files in an attempt to muddy the waters.

“I downloaded yesterday -2- different sets of data. Both had the same file naming and the file sizes were comparable”, user Applestar wrote, before adding “while one of the data sets was full of fake data the other one was the real data.”

“For me the reason is clear: someone.. is desperately trying to tell the world the data spreading is ‘fake’ or at least ‘mixed’ and ‘inaccurate’…I guess they want to add some confusion so that mainstream media does not now what to write. And it might help some poor guys being caught with their credentials on the real files.”

With the new data dump expect more spin and lies from Avid Life Media as the people running the company desperately try in vain to save their reputations and business.

Update: check here for details on how to search the Ashley Madison hacked/leaked database online.

Image credit: Trusted Security.

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU