I got 24…. Yes 24 questions from people (for the record, some male, some female) asking how to check to see if they were part of the Ashley Madison hack. Most came minutes after I posted this story on the huge data dump that happened last night. Now, I’ll just say up front that what you do is your own business and I don’t care if you were cheating or not. Which makes it very easy for me to recommend an ethical means to find out if you were part of this hack.
What I would do is sign up for a site called haveibeenpwned.com using the e-mail address that you used on Ashley Madison. You’ll get a confirmation e-mail and you’ll know right away if you are part of this or not. Here’s why I am recommending this site via a blog post posted by Troy Hunt who operates the site:
I don’t believe it’s responsible to make all the AM accounts discoverable by anyone. Yes, they will be through various other routes anyway, but I’m not prepared for HIBP to be the avenue through which a wife discovers her husband is cheating or something even worse happens
And:
There are other ways of handling this so that those who need to know can find out. What they then do with the data is up to them, of course, but there won’t be a construct on HIBP where someone’s spouse or kids or co-workers can randomly pull records.
This to me seems like a very rational and sensitive way of dealing with this. I applaud Mr. Hunt for taking this approach. People’s lives are likely to be impacted if not ruined by this as this not just a hack, it is a massive invasion of privacy. The Impact Team might have had some sort of “beef” with the people who run Ashley Madison, but this is not the way they should have dealt with it. Sure their actions have likely killed this company once and for all, but they’ve done untold amounts of damage too. I hope they can sleep at night.
UPDATE: Another Option is CheckAshleyMadison.com which will tell you if you if a phone number or e-mail address is in the leaked database without revealing any personal info.
UPDATE #2: CheckAshleyMadison.com has been served with a DMCA takedown notice by Ashley Madison’s legal team. Thus your best outlet at present is haveibeenpwned.com. Another option is https://ashley.cynic.al. At least for now as I expect those sites to be served with takedown notices by Ashley Madison’s legal team who are clearly interested in covering up their craptastic IT security as quickly as possible.
UPDATE #3: Another option is allaboutashley.cr which appears to be hosted out of Costa Rica. Likely to avoid a DMCA takedown notice. If you serve up an e-mail address that was used on the site, it will give you information on user names, addresses, profile taglines and what payments they have made. I suspect that this is aimed at spouses looking for dirt on their significant others.
Like this:
Like Loading...
Related
This entry was posted on August 19, 2015 at 1:18 pm and is filed under Commentary with tags Ashley Madison. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Hey IT Nerd! How Do I Check If I Was Part Of The Ashley Madison Hack? [UPDATED x3]
I got 24…. Yes 24 questions from people (for the record, some male, some female) asking how to check to see if they were part of the Ashley Madison hack. Most came minutes after I posted this story on the huge data dump that happened last night. Now, I’ll just say up front that what you do is your own business and I don’t care if you were cheating or not. Which makes it very easy for me to recommend an ethical means to find out if you were part of this hack.
What I would do is sign up for a site called haveibeenpwned.com using the e-mail address that you used on Ashley Madison. You’ll get a confirmation e-mail and you’ll know right away if you are part of this or not. Here’s why I am recommending this site via a blog post posted by Troy Hunt who operates the site:
I don’t believe it’s responsible to make all the AM accounts discoverable by anyone. Yes, they will be through various other routes anyway, but I’m not prepared for HIBP to be the avenue through which a wife discovers her husband is cheating or something even worse happens
And:
There are other ways of handling this so that those who need to know can find out. What they then do with the data is up to them, of course, but there won’t be a construct on HIBP where someone’s spouse or kids or co-workers can randomly pull records.
This to me seems like a very rational and sensitive way of dealing with this. I applaud Mr. Hunt for taking this approach. People’s lives are likely to be impacted if not ruined by this as this not just a hack, it is a massive invasion of privacy. The Impact Team might have had some sort of “beef” with the people who run Ashley Madison, but this is not the way they should have dealt with it. Sure their actions have likely killed this company once and for all, but they’ve done untold amounts of damage too. I hope they can sleep at night.
UPDATE: Another Option is CheckAshleyMadison.com which will tell you if you if a phone number or e-mail address is in the leaked database without revealing any personal info.
UPDATE #2: CheckAshleyMadison.com has been served with a DMCA takedown notice by Ashley Madison’s legal team. Thus your best outlet at present is haveibeenpwned.com. Another option is https://ashley.cynic.al. At least for now as I expect those sites to be served with takedown notices by Ashley Madison’s legal team who are clearly interested in covering up their craptastic IT security as quickly as possible.
UPDATE #3: Another option is allaboutashley.cr which appears to be hosted out of Costa Rica. Likely to avoid a DMCA takedown notice. If you serve up an e-mail address that was used on the site, it will give you information on user names, addresses, profile taglines and what payments they have made. I suspect that this is aimed at spouses looking for dirt on their significant others.
Share this:
Like this:
Related
This entry was posted on August 19, 2015 at 1:18 pm and is filed under Commentary with tags Ashley Madison. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.