MEXICO CITY (CNNExpansión) – After hacking the site to infidels Ashley Madison, about 20 gigabytes of names, credit card numbers, addresses and other personal details of the users were exposed in the network. Depending on the case, those involved will have consequences; however, to the site owned by Avid Media, almost nothing will change.
Although hacking site demonstrates vulnerabilities, Director of Research and Analysis for Kaspersky Lab in Latin America, Dmitry Bestuzhev, the company warns that the consequences will be minimal, as most of the affected users will not report and notice of applications and site conditions, protects the company network to an incident.
Read: Hackers disclose customer data to Ashley Madison
“You have to read very well letters of the service contract, there often specify what happens to the data, but do not talk about how they do it and there you suspect (…) unfortunately these attacks are going to continue giving and impunity will be high. Sometimes people do not report and that is a mistake, “she said analyst
Article 14 Notice Conditions of Use and Ashley Madison, detailing the following:.
“ are not responsible for any inconvenience or technical difficulty network or telephone lines, computer online systems, servers or providers, computer equipment, software, failure of e-mail / chats or players due to technical problems or traffic congestion on the internet or on the web site, or a combination of these. “
Bestushev ensures that the impact will be greater for users “from any point of view this is a disaster. (…) Who applied security was not right for them or for users. “
Security insufficient
Although they have not revealed the reasons for the cyber attack, according to the analyst at Kaspersky, one of the factors that led to this was that the site did not have sufficient levels of data security, even though their executives affirm that all encrypted data is kept.
“Maybe they were encrypted on the first level, where the user is authenticated, but the level of save data was not (…) When data are encrypted, they are, although removed. Even stealing the information the attacker could not decrypt the data, “Bestuzhev said.
Even when a user is registered on the site, should provide an email and some personal data extras, Ashley Madison assured his customers that withdraw from the platform your data will be permanently deleted after a payment, which could not have happened.
“They said They are offering customer support to delete your data when you went the service, but in practice we see that this was not (…) This shows that they did not have; Sometimes the companies say one thing but you can not check back if it is really so, “he said.
User Data Ashley Madison were revealed as a result of a previous hack conducted by the group of hackers, Impact Team, Avid Life Media site in late July.
The goal of hacking into Avid Life Media, which owns firm Established Ashley Madison and Men, was the ultimate elimination of these sites, since according to hackers, your business based on infidelity is questionable.
After the incident, Ashley Madison, failed the fact and described it as a criminal act and not cyber as hackers argue.
“This is not hacktivism is an act of criminality. Is an illegal act against the individual members of AshleyMadison.com, as well as for free-thinking people who choose to stay somewhere with free activities like this, “said the firm, after the cyberattack.
According to company figures, the site had over 35 million users in the world and Mexico is the sixth country with greater participation on the page, according to the CEO of Ashley Madison Mexico, Victor Hermosillo.
Army without honor
After the hacking, Impact Team also published in different places the database in which you can see in detail names, accounts bank, emails and phone numbers of users involved in this platform. According to a first analysis of the published data, it was revealed that Ashley Madison 15,000 accounts were registered with government emails and US military. (.gov And .mil)
According to Bestushev, the major consequences of those involved in the hacked database are personal, but for the military listed the consequence is greater. According to Article 134 of the Uniform Code of Military Conduct US, infidelity is punishable by a year in jail and removal of charge, so long-term, eliminates their right to receive military government pension.
To date no security expert was able to confirm the accuracy of the data published by Impact Team. Analysts explained that because the site can create accounts without check email, there is a high possibility that many users create fake accounts in the network was to remain anonymous or fraud.
A particular case were the various accounts that were found on the basis of stolen data registered mail with the British former minister, Tony Blair.
No comments:
Post a Comment