Case Study: The Ashley Madison Breach
August 25th, 2015 Matt McCue

In the few weeks since the hack was announced, Ashley Madison has been trying to do damage control to limit the breach’s affect on the company’s reputation and its 32M users. But how did the breach take place in the first place?

The recent hack of the extramarital affair site AshleyMadison.com is still in the news, with the parent company Avid Life Media (ALM) offering a bounty of $50,000 for the name(s) of the hackers who infiltrated the company’s files and leaked user information, company information, emails from the CEO, etc.

In the few weeks since the hack was announced, Ashley Madison has been trying to do damage control to limit the breach’s affect on the company’s reputation and its 32M users. But how did the breach take place in the first place?

On July 15, 2015 a hacker team referring to themselves as “The Impact Team” announced that they had successfully hacked the AshleyMadison.com database, and was planning to release over 60 gigabytes of data unless ALM shut down Ashley Madison and it’s sister site, EstablishedMen.com.

Theories are beginning to surface from key security experts, such as John McAfee, who believes that the hacker was an employee of the company.

McAfee wrote in a column for International Business Times that the hack was an inside job, and that the data was taken by someone from within ALM. “From the data that was released, it was clear that the perpetrator had intimate knowledge of the technology stack of the company (all the programs being used).”

Due to the wording of the initial press release stating that the hack had happened, McAfee analyzed the words used in the press release and came to the conclusion that the author was a woman.

McAfee states that because the release used the word “scumbags” to describe the men who used the site, he reasoned that is a term that only women use to describe adulterous men.

McAfee also pointed out a reference to the romantic holiday Valentines Day, which “women rate Valentine's Day higher than Christmas, and men think so little of it that they have to remind each other the day is nearing.”

In addition to the wording used in the “manifestos”, the varying types of files stolen also point to an inside job, because hackers would be interested in the most damning information possible.

The fact that there was files that included stock option lists, IP addresses of all of the ALM servers worldwide, office layout of the Ashley Madison offices, etc., McAfee believes that the hacker was someone within the company who had access to all of these files.

What We Can Learn from the Avid Life Media Data Breach


If the hack was indeed an inside job, this demonstrates how easily a disgruntled employee can cause immeasurable damage to their employers. With important data at the fingertips of all of the employees, when something like this happens it’s nearly impossible to pinpoint who was the perpetrator.

Avid Life Media is a large company and likely had compartmentalized their data so that not all personnel had access to the company’s complete files, yet the hacker(s) was able to get such a vast amount of information from various servers and databases. It illustrates that even though the company had tried to keep data separate, they were still vulnerable to a breach.

The main lesson we can learn from the Ashley Madison breach is the importance of creating safeguards to limit what employees have access to, and to use security processes that track who is accessing the information or files.

Tridacom security experts recommend using a third-party server to host vital information that would damage the company should it be released. Tridacom allows our clients to host key files and databases within our secure and highly guarded servers, thereby limiting the chance of a data breach.

Learn more about how Tridacom and our security team can protect your company from data breaches, please contact us today at 1-877-489-0123. Our team will analyze your company’s file and database storage and devise a plan that will limit the chances of a data breach damaging your company’s reputation.

About Tridacom


Tridacom is a Canadian IT Consulting and Telecommunications company with offices in Edmonton, Regina, Toronto, and Vancouver. We specialize in network security, office telecommunications, IT Consulting, data management, disaster recovery plans, and other important IT services for businesses of all sizes.

Related Articles



Go Back
Top