The son of a man by Jennifer Murawski (CC BY 2.0)

[this blog post was written by Assaf Godron and Dr. Yaniv Erlich (@erlichya)]

Digital Privacy First Aid

While the damage is already done, and there is no way to “unpublish” information, there are ways to reduce future risks.

1. If there is even a small chance that you used your AM password on other websites (even under a different email address or username), change the password on every one of those accounts now. The AM passwords are in the dump in encrypted form and some of them will likely be cracked; with reuse, one cracked password opens every account that shares it, so give each account its own password (a password manager makes this painless). Likewise, change the answers to any “security questions” (e.g. “your first school” or “mother’s maiden name”) that you answered the same way on other sites.

2. Do a first damage assessment: determine whether your information is already exposed. Search for the email address you used on AM and see whether anything comes up. To avoid leaking more information while you search, we recommend StartPage (https://startpage.com), which returns Google results without collecting private information, and using your browser in incognito/private mode for everything you do here. Try hard: go beyond the first page of results and use other search engines as well (e.g. DuckDuckGo.com). Lookup websites that search the leaked data by email address have appeared (e.g. https://ashley.cynic.al/), but be aware that they have privacy issues of their own: they see, and may keep, every address that is queried, so querying one is itself a small disclosure. Try to remember what you did on the website and which information you provided. Repeat the search over the next couple of weeks to make sure nothing new has surfaced.

3. Minimize digital exposure: if you used the AM email address on other websites or apps (e.g. Facebook), change it in your profile immediately. If you don’t have a different email account, create one. Delete posts and messages that contain the AM email address. The goal is to reduce the chance that future searches for the AM email address (and other AM items) return current information about you. The Internet never forgets, so this is not a bullet-proof solution. However, as an old Yiddish proverb says: it is one thing to let the angel of death take you, and another to unlock the door for him and put the noose around your own neck.

4. Minimize future real-life exposure: if your phone number or credit-card details are exposed, change them (order a new card, ask your mobile operator for a new number). This is easier said than done, but it is not impossible. It will not hide the existing exposure (too late for that), but those items will hopefully no longer lead to you in the future. Any other real-life item that can be changed, change.

5. Close and delete the email account used for your AM account. This is not always possible for a work or official address, but do it if you can, and do it even if this was your ‘disposable’ account: you might be tempted to reuse the address in the future, and every reuse raises the likelihood of being identified. If you cannot delete the account, make sure you never use it again for any personal interaction, and preferably not for any purpose at all.

6. Secondary assessment: determine what information about you is already exposed. If you have the technical skills, examine the data files directly (see “What was exposed?” below) rather than relying on third-party lookup sites. Specifically, determine which of the following items are present:

a. Recognizable Email

b. Full or Partial Name

c. Address, Zip Code

d. Phone Number

e. Credit Card information

f. Personally Identifiable Items: Gender, Height, Eye/Hair Color, GPS coordinates, etc.

g. Potentially embarrassing/incriminating information: chat logs, messages, sexual preferences, etc.

You will not be able to hide this information (ever), but at least you can understand your exposure level.

7. Decoys: if your email address is in the dump, exposure minimization does not help, and catastrophe is coming, consider using website-promotion services to create ‘mock’ websites that link this email address to a different name. For example, if your address is d.hoffman@gmail.com and for some reason it is listed on some website under your real name (Dan Hoffman, accounting services), you can create several websites where d.hoffman refers to some Donald Hoffman and promote them, so that your true name becomes harder to find. This approach requires more effort and is not perfect (it does nothing against people who already know you). However, it reduces the chance that people who do not know you yet can reveal your identity.
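The secondary assessment in step 6 is easiest to do locally, which also avoids handing your address to a lookup site that logs queries. The Python script below is an added example written for this post, not a tool from the original article: it streams MySQL-style INSERT statements from a dump file, indexes every non-empty field by normalized email address, and reports which of the step 6 categories are present for a given address. The sample dump lines, the table and column names (member_details, amex_cc, member_msg and their columns) and the CATEGORIES mapping are constructed assumptions, not the real schema of the leaked tables; adapt the mapping to the column names you actually see. The same index also shows how trivially the leaked addresses can be joined against a contact list, which is the ‘push service’ concern raised later in this post.

```python
"""Local exposure check over a leaked MySQL-style dump (added example).

The sample data below is constructed; the table and column names are
assumptions for illustration, not the real schema of the leaked tables.
"""
import re
from collections import defaultdict

# Constructed sample dump lines: fake people, fake numbers, assumed schema.
SAMPLE_DUMP = """\
-- constructed sample, not real data
INSERT INTO `member_details` (`pnum`,`email`,`first_name`,`last_name`,`zip`,`phone`,`height`,`eye_color`) VALUES (1,'D.Hoffman@Example.com','Dan','Hoffman','10001','+1-212-555-0100',180,'brown'),(2,'jane@example.org','',NULL,'',NULL,165,'');
INSERT INTO `amex_cc` (`pnum`,`email`,`card_name`,`card_last4`) VALUES (7,'d.hoffman@example.com','Dan Hoffman','4242');
INSERT INTO `member_msg` (`pnum`,`email`,`body`) VALUES (1,'d.hoffman@example.com','Hey, it''s me');
"""

# Which dump columns count toward each item of the step 6 checklist (assumed names).
CATEGORIES = {
    "name": {"first_name", "last_name", "card_name"},
    "address": {"address", "city", "state", "zip"},
    "phone": {"phone"},
    "credit_card": {"card_name", "card_last4"},
    "identifiable": {"gender", "height", "eye_color", "hair_color", "latitude", "longitude"},
    "messages": {"body"},
}

_INSERT = re.compile(r"INSERT INTO\s+`?(\w+)`?\s*\((.*?)\)\s*VALUES\s*(.*);\s*$")
# Tokens of a VALUES tail: parens, commas, quoted strings ('' and \x escapes), NULL, bare values.
_TOK = re.compile(r"\(|\)|,|'(?:[^'\\]|\\.|'')*'|NULL|[^,()'\s]+")


def _decode(tok):
    """Turn one SQL literal token into a Python value."""
    if tok == "NULL":
        return None
    if tok.startswith("'"):
        return re.sub(r"\\(.)", r"\1", tok[1:-1].replace("''", "'"))
    return tok  # numbers and other bare tokens stay as strings


def parse_insert(line):
    """Return (table, columns, rows) for one INSERT line, or None if it is not one.
    Splitting on commas naively would break on 'Hey, it''s me'; the tokenizer
    keeps quoted strings intact."""
    m = _INSERT.match(line.strip())
    if not m:
        return None
    table, cols, tail = m.groups()
    columns = [c.strip(" `") for c in cols.split(",")]
    rows, cur = [], None
    for tok in _TOK.findall(tail):
        if tok == "(":
            cur = []
        elif tok == ")":
            if cur is not None:
                rows.append(cur)
            cur = None
        elif tok != "," and cur is not None:
            cur.append(_decode(tok))
    return table, columns, rows


def normalize_email(value):
    """Case and surrounding whitespace are the only normalization applied here."""
    return (value or "").strip().lower()


def build_index(lines, email_col="email"):
    """Map normalized email -> {"table.column": value} for every non-empty field.
    `lines` may be an open file, so a multi-gigabyte dump is streamed, not loaded."""
    index = defaultdict(dict)
    for line in lines:
        parsed = parse_insert(line)
        if not parsed or email_col not in parsed[1]:
            continue
        table, columns, rows = parsed
        for row in rows:
            rec = dict(zip(columns, row))
            email = normalize_email(rec.get(email_col))
            if not email:
                continue
            for col, val in rec.items():
                if col != email_col and val not in (None, ""):
                    index[email][f"{table}.{col}"] = val
    return index


def assess(index, email):
    """Step 6: which checklist categories are present for this address."""
    fields = index.get(normalize_email(email))
    if not fields:
        return set()
    present_cols = {key.split(".", 1)[1] for key in fields}
    return {"email"} | {cat for cat, cols in CATEGORIES.items() if present_cols & cols}


def match_contacts(index, contacts):
    """The join a 'push' app would do: which of these contacts appear in the dump."""
    return sorted(c for c in contacts if normalize_email(c) in index)


if __name__ == "__main__":
    idx = build_index(SAMPLE_DUMP.splitlines())
    for addr in ("d.hoffman@example.com", "jane@example.org", "nobody@example.net"):
        print(addr, sorted(assess(idx, addr)))
    print(match_contacts(idx, ["Jane@Example.org", "bob@example.net"]))
```

On a real dump, pass an open file object to build_index instead of SAMPLE_DUMP.splitlines() so the file is read line by line; the index only holds rows that contain an email column, so memory stays proportional to the number of users, not the dump size. Note that the dump is searched for the address as written; if you used several spellings or aliases of the same address, check each of them.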

Why help the cheaters?

This post’s goal is not to help cheaters; it is to help anyone whose private details have been exposed online. The Ashley Madison data breach is not the first to happen, but it is the first time such a massive amount of extremely private information has been exposed in such a public way.

While we do not condone the use of such websites, we strongly oppose exposing private information about people. This is not the last time private information will be leaked, breached or exposed. Future data breaches might expose other groups, which could be more or less controversial than AM users. Regardless of the group exposed, as internet users we should be prepared to mitigate the damage of such privacy breaches.

Please also remember that doctors treat everyone, even terrorists and mass murderers. We try to provide help based on our knowledge and experience in the technical aspects of online privacy, not to judge 39 million individuals for their poor decisions. And think of the gay Saudi user who now fears for his life.

Figure: the most frequent words used in Ashley Madison private messages

What was exposed?

The 9 GB of data released by the Impact Team mainly consist of large text files in the form of database dumps. They include (a) users’ email addresses, (b) sexual preferences, (c) profile names, (d) the names on credit cards, (e) encrypted (hashed) passwords and (f) chat messages between users.

Below you can see examples of data from the leaked tables (for obvious reasons we avoided putting identifiable data).

Figure: column names in one of the Ashley Madison tables

The data is currently fragmented, and obtaining it requires technical skills: downloading the files over BitTorrent and parsing massive text files. This is well within the reach of a geeky teenager, but beyond the skills of most people. Some people have already put up websites that let anyone search the data by email address.

But this is just the start. Ashley Madison users and their families might be at the gates of privacy hell. The main concern is that the data will be integrated into, and presented by, ‘push’ services. Think of a Facebook app that compares the email addresses of a user’s friends with the addresses in the dump and displays their presence and sexual preferences. Why stop there? A similar app can be built for LinkedIn (hi Steve from accounting!) or Gmail (hi Uncle Brad!). Hell is when the company that develops such an app asks Ashley Madison users for a ransom ‘cleaning fee’ to remove their email from its database. Hell is when highly motivated, Saul Goodman-type divorce attorneys start mass-emailing these addresses just “to help”. Hell is when the same attorneys use public-record search engines to find the spouses of Ashley Madison users. Hell is when hackers crack some of the encrypted passwords and take over the Ashley Madison profiles or, since most of us use one password for everything, destroy the digital lives of these victims. There is no shortage of ideas for how such data can be exploited. We live in a data-driven society; this is the price.

One private message of an Ashley Madison user

What is at stake?

The internet never forgets, so any piece of information (private or not, embarrassing or not) will be available forever. To give an example: employers today already use sophisticated tools to comb through applicants’ social profiles trying to ‘dig up dirt’ that might reflect badly on the applicant. Even when no dirt is found, posts, tweets, pictures and any other publicly available information are used to assess people. Imagine a tool that also scans the leaked Ashley Madison data and notifies the employer about the applicant. Or a Facebook app that tells you which of your friends is a potential cheater.

Even if you have no sympathy for the victims of the Ashley Madison data breach (e.g. “they deserve to be forever flagged as cheaters”), just extrapolate to the next privacy breach: perhaps it will be the users of the OKCupid dating website, or the members of a closed support group for LGBTQ teens, or the client database of a drug-rehabilitation center, or the running routes of Strava users. All of them, and all of us, deserve privacy.

When private data that was exposed illegally and unethically, beyond your control, is integrated into public systems: that is Privacy Hell.