Good questions to ask in online dating emails
It's notable, however, that the cheating site, in using the secure hashing algorithm, surpassed many other victims of breaches we've seen over the years who never bothered to encrypt customer passwords."We’re so used to seeing cleartext and MD5 hashes," Graham says."It’s refreshing to see bcrypt actually being used."Here's how the hackers introduced the new data dump: Following the intrusion last month, the hackers, who called themselves the Impact Team, demanded that Avid Life Media, owner of Ashley and its companion site Established Men, take down the two sites.Ashley claimed to have nearly 40 million users at the time of the breach about a month ago, all apparently in the market for clandestine hookups."Ashley Madison is the most famous name in infidelity and married dating," the site asserts on its homepage. Thousands of cheating wives and cheating husbands signup everyday looking for an affair....With Our affair guarantee package we guarantee you will find the perfect affair partner."The data released by the hackers includes names, passwords, addresses and phone numbers submitted by users of the site, though it's unclear how many members provided legitimate details to open accounts.
"The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society."I'm looking for someone who isn't happy at home or just bored and looking for some excitement," wrote one member who provided an address in Ottawa and the name and phone number of someone who works for the Customs and Immigration Union in Canada."I love it when I'm called and told I have 15 minutes to get to someplace where I'll be greeted at the door with a surprise—maybe lingerie, nakedness. I like lots of foreplay and stamina, fun, discretion, oral, even willingness to experiment—*smile*"Passwords released in the data dump appear to have been hashed using the bcrypt algorithm for PHP, but Robert Graham, CEO of Erratasec, says that despite this being one of the most secure ways to store passwords, "hackers are still likely to be able to 'crack' many of these hashes in order to discover the account holder's original password." If the accounts are still online, this means hackers will be able to grab any private correspondence associated with the accounts.This data, which amounts to millions of payment transactions going back to 2008, includes names, street address, email address and amount paid, but not the full credit card numbers; instead it includes just four digits for each transaction, which may in fact be the last four digits of the credit card numbers or simply a transaction ID unique to each charge.The data also includes descriptions of what members were seeking.