bureaucracybusters

Posts Tagged ‘ASHLEY MADISON’

DUMBOCRATS AND THEIR COMPUTERS

In Bureaucracy, Business, History, Politics, Social commentary on April 13, 2018 at 12:06 am

On July 22, 2016, Wikileaks released 19,252 emails and 8,034 attachments hacked from computers of the highest-ranking officials of the Democratic National Committee (DNC).

The emails were exchanged from January 2015 through May 2016.

These clearly reveal a bias for Hillary Clinton and against her lone challenger, Vermont United States Senator Bernie Sanders.

One email revealed that Brad Marshall, the chief financial officer of the DNC, suggested that Sanders, who is Jewish, could be portrayed as an atheist. 

Sanders’ supporters had long charged that the DNC and its chair, Debbie Wasserman-Schultz, were plotting to undercut his campaign. Now thousands of them were outraged to discover that their fears had been confirmed.  

The leak came at a disastrous time for Hillary Clinton, the former First Lady, United States Senator from New York and Secretary of State under President Barack Obama.

About to receive the Democratic nomination for President, she found herself charged with undermining the electoral process. 

Wasserman-Schultz proved the first casualty of the leak, resigning from her position as chair of the DNC and saying she would not open the Democratic convention as previously scheduled.

Related image

Debbie Wasserman-Schultz

As for Clinton: Her campaign manager, Bobby Mook, blamed the Russians for the leak. Their alleged motive: To help Republican Presidential nominee Donald Trump.

Cyber-security experts believed the hackers originated from Russia—-and that Russian President Vladimir Putin may have authorized it.

His alleged motive: Trump had repeatedly attacked United States’ membership in the North Atlantic Treaty Organization (NATO).

Trump believed the United States was paying an unfairly large portion of the monies needed to maintain this alliance—and he wanted other members to contribute far more. He made it clear that if they didn’t—and if he was elected President—they would be on their own if attacked by Russia.

Trump took to twitter to offer his take on the release: “How much BAD JUDGEMENT was on display by the people in DNC in writing those really dumb e-mails, using even religion, against Bernie!”  

Related image

Bernie Sanders

Which brings up the obvious question: Why was such sensitive information entrusted to computers that could be hacked? 

This is not the first time a major corporation or government agency has fallen prey to hackers.

Name-brand companies, trusted by millions, have been hit with massive data breaches that compromised their customers’ and/or employees’ most sensitive financial and personal information.

Among those companies and agencies:

  • Target
  • Kmart
  • Home Depot
  • JPMorgan/Chase
  • Staples
  • Dairy Queen
  • Anthem, Inc.
  • Sony Pictures
  • The U.S. State Department
  • The Pentagon
  • The Office of Personnel Management

Perhaps the most notorious target hacked was Ashley Madison, the website for cheating wives and husbands. Launched in 2001, its catchy slogan was: “Life is short. Have an affair.”  

On July 15, 2015, its more than 37 million members learned that highly embarrassing secrets they had entrusted to Ashley Madison had been compromised.

This included their sexual fantasies, matching credit card transactions, real names and addresses, and employee documents and emails.

A website offering cheating services to those wealthy enough to afford high-priced fees is an obvious target for hackers. After all, its database is a blackmailer’s dream-come-true.  

And the same is true for computers of one of the two major political parties of the United States. 

Among the secrets unearthed in the WikiLeaks document-dump: Plans by Democratic party officials to reward large donors and prominent fundraisers with lucrative appointments to federal boards and commissions.

Most of the donors listed gave to Clinton’s campaign. None gave to Sanders.

According to Ken Boehm, chairman of the National Legal and Policy Center, a government watchdog group: 

“The disclosed DNC emails sure look like the potential Clinton Administration has intertwined the appointments to federal government boards and commissions with the political and fund raising operations of the Democratic Party. That is unethical, if not illegal.”  

Centuries before the invention of computers–and the machinery needed to hack into them–Niccolo Machiavelli offered cautionary advice to those thinking of entering into a conspiracy.  He did so in his masterwork on politics, The Discourses.  

Niccolo Machiavelli

Unlike his better-known work, The Prince, which deals with how to secure power, The Discourses lays out rules for preserving liberty within a republic.

In Book Three, Chapter Six (“Of Conspiracies”) he writes:

“I have heard many wise men say that you may talk freely with any one man about everything, for unless you have committed yourself in writing, the ‘Yes’ of one man is worth as much as the ‘No’ of another. 

“And therefore one should guard most carefully against writing, as against a dangerous rock, for nothing will convict you quicker than your own handwriting.”

In 1804, Napoleon Bonaparte, then First Consul of France, ordered the execution of the popular Louis Antoine de Bourbon, Duke of Enghien, claiming that he had aided Britain and plotted against France.

The aristocracy of Europe, still recalling the slaughters of the French Revolution, was shocked. 

Asked for his opinion on the execution, Napoleon’s chief of police, Joseph Fouche, said: “It was worse than a crime; it was a blunder.”  

This may prove to be history’s verdict on the storing of so many incriminating computer files by the DNC.

TOO CLEVER FOR THEIR–AND OUR–OWN GOOD

In Bureaucracy, History, Politics, Social commentary on November 3, 2016 at 12:02 am

The signs were there long before Wikileaks confirmed them.

Even the most casual observer of politics could see the aren’t-we-cute? relationship between Hillary Clinton and Debbie Wasserman-Schultz.

Clinton, of course, was the former First Lady, U.S. Senator from New York and Secretary of State under President Barack Obama. She was also, by popular consensus, the candidate to beat for the 2016 Democratic Presidential nomination.

And Wasserman-Schultz was the chair of the Democratic National Committee (DNC).

Nobody expected Clinton to act impartially. But that was the expectation demanded of Wasserman-Schultz.

There were, after all, other Democrats besides Clinton seeking their party’s nomination–the most prominent of these being Bernie Sanders, the U.S. Senator from Vermont.

Related image

Bernie Sanders

Yet Wasserman-Schultz made no effort to hide her clear bias on behalf of Clinton.

On December 18, 2015, writing in The Huffington Post, political blogger Miles Mogulescu sounded a warning:

“It’s increasingly clear that Debbie Wasserman Schultz, Chair of the Democratic National Committee, isn’t acting as a neutral party Chair, trying to insure a fair and democratic primary and building the Democratic Party in the states.

“Rather, she’s acting as a shill for Hillary Clinton, doing everything in her power to ensure that no one will effectively challenge Hillary’s coronation as the nominee.”

Related image

Hillary Clinton

Two days later, on December 20, 2015, the website, U.S. Uncut published an article: 

5 TIMES DEBBIE WASSERMAN SCHULTZ VIOLATED DNC RULES AND STACKED THE DECK IN FAVOR OF CLINTON.

The article bluntly stated that Wasserman-Schultz “has made a name for herself among many Democratic voters as a shill for the Clinton machine.” And then it offered five specific examples to back up this assertion:

  1. Scheduling primary debates to garner as few viewers as possible–and thus “circle the wagons” around the front-running Clinton.
  2. Locating grassroots Clinton field offices at DNC offices.
  3. Shutting off Bernie Sanders’ access to the DNC’s voter database, thus crippling his ground strategy.
  4. Raising money for the Clinton campaign via a top DNC official.
  5. Lining up Superdelegates for Clinton before the first primary debate.

So no one should have been surprised when the full dimensions of the truth were finally revealed on July 22, 2016.

That was when Wikileaks released 19,252 emails and 8,034 attachments hacked from computers of the highest-ranking officials of the DNC.

The emails had been exchanged from January 2015 through May 2016. And they clearly revealed a bias for Hillary Clinton and against Sanders.

One email revealed that Brad Marshall, the chief financial officer of the DNC, suggested that Sanders, who is Jewish, could be portrayed as an atheist.

Sanders’ supporters had long charged that the DNC and Wasserman-Schultz had undercut his campaign. Now they had the evidence in black-and-white.

The leak badly embarrassed Clinton. About to receive the Democratic nomination for President, she found herself charged with undermining the electoral process.

Wasserman-Schultz proved the first casualty of the leak, resigning as chair of the DNC and saying she would not open the Democratic convention as previously scheduled.

Related image

Debbie Wasserman-Schultz

Clinton’s campaign manager, Bobby Mook, put his best spin on the scandal: He blamed the Russians for the leak. Their alleged motive–to help Republican Presidential nominee Donald Trump.

Cyber-security experts believed the hackers originated from Russia–and that Russian President Vladimir Putin may have authorized it.

Perhaps the worst mistake of the DNC was not putting so many embarrassing emails into computers.

Its worst was favoring Hillary Clinton above all other Presidential candidates.

On August 31, an ABC News/Washington Post poll found that Donald Trump and Hillary Clinton are the two most unpopular presidential candidates in more than 30 years.

A July 6 Fortune story sheds light on “Why Trump and Clinton Are America’s Most Disliked Presidential Candidates.”

Trump: “After making comments insulting Muslims, Latinos and women, Trump has been unable to fend off charges of racisms and sexism.”

Clinton: “Clinton is dogged by voter mistrust stoked by her handling of classified State Department information on a private email server, the Benghazi hearings, and the long-ago Whitewater scandal.”

And applying to both candidates: “People who exhibit a few instances of socially unacceptable behavior are quickly labeled as deviant and have to commit disproportionately many more acceptable behaviors to restore their reputation.”

Since October, Trump has been dogged by his admission of sexually predatory behavior toward women: “You know I’m automatically attracted to beautiful–I just start kissing them. It’s like a magnet. Just kiss. I don’t even wait. And when you’re a star they let you do it. You can do anything.  Grab them by the pussy. You can do anything.”

At least a dozen women have since charged him with making unwanted sexual advances.

Such revelations would normally prove the kiss of death for any Presidential candidate.

Had the Democrats chosen a genuinely popular candidate–or at least one who was not so widely hated as Clinton–the electoral map would now look very different.

But as matters now stand, Trump and Clinton seem locked dead-even in the polls.

In 2008, NBC anchor Tom Brokaw compared the Presidential campaign rallies of then-U.S. Senator Barack Obama to popular Hannah Montana concerts.

In 2016, not even the most partisan Democrats would make such a remark about Clinton.

THE FIRST RULE OF CONSPIRACIES–AND COMPUTERS

In Bureaucracy, History, Military, Politics, Social commentary on July 26, 2016 at 12:15 am

On July 22, Wikileaks released 19,252 emails and 8,034 attachments hacked from computers of the highest-ranking officials of the Democratic National Committee (DNC).

The emails were exchanged from January 2015 through May 2016.

These clearly reveal a bias for Hillary Clinton and against her lone challenger, Vermont U.S. Senator Bernie Sanders.

One email revealed that Brad Marshall, the chief financial officer of the DNC, suggested that Sanders, who is Jewish, could be portrayed as an atheist. 

Sanders’ supporters have long charged that the DNC and its chair, Debbie Wasserman-Schultz, were plotting to undercut his campaign. Now thousands of them are expected to descend on the Democratic convention as furious protesters.  

The leak could not have come at a worse time for Hillary Clinton, the former First Lady, U.S. Senator from New York and Secretary of State under President Barack Obama.

About to receive the Democratic nomination for President, she finds herself charged with undermining the electoral process. 

Wasserman-Schultz has proven the first casualty of the leak, resigning from her position as chair of the DNC and saying she would not open the Democratic convention as previously scheduled.

Related image

Debbie Wasserman-Schultz

As for Clinton: Her campaign manager, Bobby Mook, blamed the Russians for the leak. Their alleged motive: To help Republican Presidential nominee Donald Trump.

Cyber-security experts believe the hackers originated from Russia–and that Russian President Vladimir Putin may have authorized it.

His alleged motive: Trump has repeatedly attacked United States’ membership in the North Atlantic Treaty Organization (NATO).

He believes the United States is paying an unfairly large portion of the monies needed to maintain this alliance–and he wants other members to contribute far more. Otherwise, if he is elected President, they would be on their own if attacked by Russia.

Trump took to twitter to offer his take on the release: “How much BAD JUDGEMENT was on display by the people in DNC in writing those really dumb e-mails, using even religion, against Bernie!”  

Related image

Bernie Sanders

Which brings up the obvious question: Why was such sensitive information entrusted to computers that could be hacked? 

This is not the first time a major corporation or government agency has fallen prey to hackers.

Name-brand companies, trusted by millions, have been hit with massive data breaches that compromised their customers’ and/or employees’ most sensitive financial and personal information.

Among those companies and agencies:

  • Target
  • Kmart
  • Home Depot
  • JPMorgan/Chase
  • Staples
  • Dairy Queen
  • Anthem, Inc.
  • Sony Pictures
  • The U.S. State Department
  • The Pentagon
  • The Office of Personnel Management

Perhaps the most notorious target so far hacked is Ashley Madison, the website for cheating wives and husbands. Launched in 2001, its catchy slogan is: “Life is short. Have an affair.”  

Ashley Madison - Ashley Madison Agency

On July 15, 2015, its more than 37 million members learned that highly embarrassing secrets they had entrusted to Ashley Madison had been compromised.

This included their sexual fantasies, matching credit card transactions, real names and addresses, and employee documents and emails.

A website offering cheating services to those wealthy enough to afford high-priced fees is an obvious target for hackers. After all, its database is a blackmailer’s dream-come-true.  

And the same is true for computers of one of the two major political parties of the United States. 

Among the secrets unearthed in the WikiLeaks document-dump: Plans by Democratic party officials to reward large donors and prominent fundraisers with lucrative appointments to federal boards and commissions.

Most of the donors listed gave to Clinton’s campaign. None gave to Sanders.

According to Ken Boehm, chairman of the National Legal and Policy Center, a government watchdog group: 

“The disclosed DNC emails sure look like the potential Clinton Administration has intertwined the appointments to federal government boards and commissions with the political and fund raising operations of the Democratic Party. That is unethical, if not illegal.”  

Centuries before the invention of computers–and the machinery needed to hack into them–Niccolo Machiavelli offered cautionary advice to those thinking of entering into a conspiracy.  He did so in his masterwork on politics, The Discourses.  

Niccolo Machiavelli

Unlike his better-known work, The Prince, which deals with how to secure power, The Discourses lays out rules for preserving liberty within a republic.

In Book Three, Chapter Six (“Of Conspiracies”) he writes:

“I have heard many wise men say that you may talk freely with any one man about everything, for unless you have committed yourself in writing, the ‘Yes’ of one man is worth as much as the ‘No’ of another. 

“And therefore one should guard most carefully against writing, as against a dangerous rock, for nothing will convict you quicker than your own handwriting.”

In 1804, Napoleon Bonaparte, then First Consul of France, ordered the execution of the popular Louis Antoine de Bourbon, Duke of Enghien, claiming that he had aided Britain and plotted against France.

The aristocracy of Europe, still recalling the slaughters of the French Revolution, was shocked. 

Asked for his opinion on the execution, Napoleon’s chief of police, Joseph Fouche, said: “It was worse than a crime; it was a blunder.”  

This may prove to be history’s verdict on the storing of so many incriminating computer files by the DNC.

COMPUTER SECURITY: “WE DON’T CARE, WE DON’T HAVE TO”

In Bureaucracy, Business, Entertainment, Law, Law Enforcement, Social commentary on April 14, 2016 at 12:07 am

It’s the nightmare-come-true for corporate America.

Name-brand companies, trusted by millions, hit with massive data breaches.

And with a series of keystrokes, the most sensitive financial and personal information of their employees and/or customers is compromised.

Among those companies:

  • Target
  • Kmart
  • Home Depot
  • JPMorgan/Chase
  • Staples
  • Dairy Queen
  • Anthem, Inc.
  • Sony Pictures
  • Primera Blue Cross
  • U.S. Postal Service

Click here: Data Breach Tracker: All the Major Companies That Have Been Hacked | Money.com

And as of July 15, 2015, Ashley Madison joined this list.

Ashley Madison is, of course, the notorious website for cheating wives and husbands.

Launched in 2001, its catchy slogan is: “Life is short.  Have an affair.”

One of its ads featured a photo of a woman apparently kneeling at the feet of a bare-chested man, her hand passionately clawing at his belt. Next to her was the caption: “Join FREE & change your life today. Guaranteed!”

Ashley Madison - Ashley Madison Agency

Now millions of its clients may find their lives changed in ways they never imagined–and for the worse.

Ashley Madison claims to have more than 37 million members.  And now, untold numbers of them may find their lives changed forever.

Its hackers were enraged at the company’s refusal to fully delete users’ profiles unless it received a $19 fee.

Referring to themselves as “The Impact Team,” they stated in an online manifesto: “Full Delete netted [Avid Life Media, the parent company of Ashley Madison] $1.7 million in revenue in 2014.  It’s also a complete lie.

“Users almost always pay with credit card; their purchase details are not removed as promised, and include real names and address, which is of course the most important information the users want removed.”

On July 20, Avid Life Media defended the service, and said it would make it free.

Adultery-dating website Ashley Madison hacked

The hackers demanded: “AM [Ashley Madison] AND EM [Established Men] MUST SHUT DOWN IMMEDIATELY PERMANENTLY.

“We have taken over all systems in your entire office and production domains, all customer information databases, source code repositories, financial records, emails.

“Shutting down AM and EM will cost you, but non-compliance will cost you more.”

The hackers threatened to “release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.”

Avid Life Media assured its customers that it had hired “one of the world’s top IT security teams” to work on the breach:

“At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act.”

This statement gives new meaning to the phrase, “Closing the barn door after the cow has gotten out.”

And it raises the question: Why wasn’t this “top IT security team” hired at the outset? 

After all, its database is a blackmailer’s dream-come-true. Yet apparently its owners didn’t care enough about the privacy of their customers to provide adequate security.

On August 18, 2015, the hackers began releasing their pirated information.

As usual during a corporation’s data breach, Ashley Madison issued a reassuring statement: “We are working with law enforcement agencies, which are investigating this criminal act.

“Any and all parties responsible for this act of cyber-terrorism will be held responsible.”

Eight of those customers (so far) have decided to hold Ashley Madison responsible. They have filed lawsuits against the company in California, Georgia, Minnesota, Missouri, Tennessee and Texas.

They seek class-action status to represent Ashley Madison’s 37 million users.

The lawsuits claim negligence, breach of contract and privacy violations. They charge that Ashley Madison failed to take reasonable steps to protect the security of its users, including those who paid the $19 fee to have their information deleted.

If they win–and force the owners of Ashley Madison to pay up big-time–this could set a precedent for lawsuits by other victims of such data breaches.

An October 22, 2014 “commentary” published in Forbes magazine raised the highly disturbing question: “Cybersecurity: Does Corporate America Really Care?”

And the answer is clearly: No.

Its author is John Hering, co-founder and executive director of Lookout, which bills itself as “the world leader in mobile security for consumers and enterprises alike.”

Click here: Cybersecurity: Does corporate America really care?

“One thing is clear,” writes Hering. “CEOs need to put security on their strategic agendas alongside revenue growth and other issues given priority in boardrooms.”

Hering warns that “CEOs don’t seem to be making security a priority.” And he offers several reasons for this:

  • The sheer number of data compromises;
  • Relatively little consumer outcry;
  • Almost no impact on the companies’ standing on Wall Street;
  • Executives may consider such breaches part of the cost of doing business.

“Sales figures and new products are top of mind,” writes Hering. “Shoring up IT systems aren’t.”

The key to sharply reducing data breaches lies in holding greed-obsessed CEOs financially accountable for their criminal negligence.

Only then will their  mindset of “We don’t care, we don’t have to” be replaced with: “We care, because our heads will roll if we don’t.”

THE GOOD NEWS IN THE ASHLEY MADISON SCANDAL

In Bureaucracy, Business, Law Enforcement, Social commentary on August 26, 2015 at 9:50 am

It’s the nightmare-come-true for corporate America.

Name-brand companies, trusted by millions, hit with massive data breaches.

And with a series of keystrokes, the most sensitive financial and personal information of their employees and/or customers is compromised.

Among those companies:

  • Target
  • Kmart
  • Home Depot
  • JPMorgan/Chase
  • Staples
  • Dairy Queen
  • Anthem, Inc.
  • Sony Pictures
  • Primera Blue Cross
  • U.S. Postal Service

Click here: Data Breach Tracker: All the Major Companies That Have Been Hacked | Money.com

And as of July 15, Ashley Madison joined this list.

Ashley Madison is, of course, the notorious website for cheating wives and husbands.

Launched in 2001, its catchy slogan is: “Life is short.  Have an affair.”

One of its ads featured a photo of a woman apparently kneeling at the feet of a bare-chested man, her hand passionately clawing at his belt.  Next to her was the caption: “Join FREE & change your life today.  Guaranteed!”

Ashley Madison - Ashley Madison Agency

Ashley Madison claims to have more than 37 million members.  And now, untold numbers of them may find their lives changed forever.

Its hackers were enraged at the company’s refusal to fully delete users’ profiles unless it received a $19 fee.

Referring to themselves as “The Impact Team,” they stated in an online manifesto: “Full Delete netted [Avid Life Media, the parent company of Ashley Madison] $1.7 million in revenue in 2014.  It’s also a complete lie.

“Users almost always pay with credit card; their purchase details are not removed as promised, and include real names and address, which is of course the most important information the users want removed.”

On July 20, Avid Life Media defended the service, and said it would make it free.

Adultery-dating website Ashley Madison hacked

The hackers demanded: “AM [Ashley Madison] AND EM [Established Men] MUST SHUT DOWN IMMEDIATELY PERMANENTLY.

“We have taken over all systems in your entire office and production domains, all customer information databases, source code repositories, financial records, emails.

“Shutting down AM and EM will cost you, but non-compliance will cost you more.”

The hackers threatened to “release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.”

Avid Life Media assured its customers that it had hired “one of the world’s top IT security teams” to work on the breach:

“At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act.”

This statement gives new meaning to the phrase, “Closing the barn door after the cow has gotten out.”

And it raises the question: Why wasn’t this “top IT security team” hired at the outset?

After all, its database is a blackmailer’s dream-come-true. Yet apparently its owners didn’t care enough about the privacy of their customers to provide adequate security.

On August 18, the hackers began releasing their pirated information.

As usual during a corporation’s data breach, Ashley Madison issued a reassuring statement: “We are working with law enforcement agencies, which are investigating this criminal act.

“Any and all parties responsible for this act of cyber-terrorism will be held responsible.”

Eight of those customers (so far) have decided to hold Ashley Madison responsible. They have filed lawsuits against the company in California, Georgia, Minnesota, Missouri, Tennessee and Texas.

They seek class-action status to represent Ashley Madison’s 37 million users.

The lawsuits claim negligence, breach of contract and privacy violations. They charge that Ashley Madison failed to take reasonable steps to protect the security of its users, including those who paid the $19 fee to have their information deleted.

If they win–and force the owners of Ashley Madison to pay up big-time–this could set a precedent for lawsuits by other victims of such data breaches.

An October 22, 2014 “commentary” published in Forbes magazine raised the highly disturbing question: “Cybersecurity: Does Corporate America Really Care?”

And the answer is clearly: No.

Its author is John Hering, co-founder and executive director of Lookout, which bills itself as “the world leader in mobile security for consumers and enterprises alike.”

Click here: Cybersecurity: Does corporate America really care?

“One thing is clear,” writes Hering. “CEOs need to put security on their strategic agendas alongside revenue growth and other issues given priority in boardrooms.”

Hering warns that “CEOs don’t seem to be making security a priority.”  And he offers several reasons for this:

  • The sheer number of data compromises;
  • Relatively little consumer outcry;
  • Almost no impact on the companies’ standing on Wall Street;
  • Executives may consider such breaches part of the cost of doing business.

“Sales figures and new products are top of mind,” writes Hering. “Shoring up IT systems aren’t.”

The key to sharply reducing data breaches lies in holding greed-obsessed CEOs financially accountable for their criminal negligence.

Only then will their  mindset of “We don’t care, we don’t have to” be replaced with: “We care, because our heads will roll if we don’t.”

DATA SECURITY BREACHES: “WE DON’T CARE, WE DON’T HAVE TO”: PART TWO (END)

In Bureaucracy, Business, History, Law, Law Enforcement, Social commentary on July 21, 2015 at 9:35 am

It’s become as routine as the robbery of the corner liquor store.

Name-brand companies, trusted by millions, hit with massive data breaches that compromise their customers’ and/or employees’ most sensitive financial and personal information.

Among those companies:

  • Target
  • Kmart
  • Home Depot
  • JPMorgan/Chase
  • Staples
  • Dairy Queen
  • Anthem, Inc.
  • Sony Pictures
  • Primera Blue Cross
  • U.S. Postal Service

Click here: Data Breach Tracker: All the Major Companies That Have Been Hacked | Money.com

And as of July 15, Ashley Madison joined this list.

Ashley Madison is, of course, the notorious website for cheating wives and husbands.

Launched in 2001, its catchy slogan is: “Life is short.  Have an affair.”

One of its ads featured a photo of a woman apparently kneeling at the feet of a bare-chested man, her hand passionately clawing at his belt.  Next to her was the caption: “Join FREE & change your life today.  Guaranteed!”

Ashley Madison claims to have more than 37 million members.

Calling themselves “The Impact Team,” hackers appear to be enraged at the company’s “full delete” service, which promises to completely erase a user’s profile and all associated data for a $19 fee.

“Full Delete netted [Avid Life Media, the parent company of Ashley Madison] $1.7 million in revenue in 2014,” the hackers were quoted as saying in an online manifesto.  “It’s also a complete lie.

“Users almost always pay with credit card; their purchase details are not removed as promised, and include real names and address, which is of course the most important information the users want removed.”

On July 20, Avid Life Media defended the service, and said it would make it free.

Adultery-dating website Ashley Madison hacked

The hackers demanded: “AM [Ashley Madison] AND EM [Established Men] MUST SHUT DOWN IMMEDIATELY PERMANENTLY.

“We have taken over all systems in your entire office and production domains, all customer information databases, source code repositories, financial records, emails.

“Shutting down AM and EM will cost you, but non-compliance will cost you more.”

The hackers threatened to “release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.”

Interestingly, the hackers did not target the company’s “CougarLife” website, which caters to female members seeking “a young stud.”

Avid Life Media assured its customers that it had hired “one of the world’s top IT security teams” to work on the breach:

“At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act.”

This statement gives new meaning to the phrase, “Closing the barn door after the cow has gotten out.”

It’s almost comical, except for the fact that the marriages of millions of people are likely to be threatened by the release of such information.

And it raises the question: Why wasn’t this “top IT security team” hired at the outset?

A website offering cheating services to those wealthy enough to afford high-priced fees is an obvious target for hackers. After all, its database is a blackmailer’s dream-come-true.

This latest breach comes about two months after a similar dating site, Adult FriendFinder–with an estimated 64 million members–was hit with a similar attack.

Again, it was clear that a site like this would be a prime target for those seeking information for blackmail. Yet apparently its owners didn’t care enough about the privacy of their customers to provide adequate security.

“Without question, this is incredibly valuable information,” said J.J. Thompson, founder and chief executive of Rook Security, an IT security firm.

“[Ashley Madison’s customers] are now vulnerable to a significant secret.”

As usual when a corporation’s data breach occurs, Ashley Madison issued a reassuring statement: “We are working with law enforcement agencies, which are investigating this criminal act.

“Any and all parties responsible for this act of cyber-terrorism will be held responsible.”

Brave-sounding words.  But if the hackers make good on their threat, many prominent men in business and politics may soon find themselves facing expensive divorces.

And if that happens, at least some of them may well decide to take out their anger and embarrassment on the websits that assured them that the highly private information they shared was “100% secure.”

That could set a precedent for lawsuits by other victims of such data breaches. Which, in turn, could force profit-obsessed corporations to responsibly protect the highly sensitive information entrusted to them.

There is an important lesson to be learned from this latest disaster.

“Stuff that’s online is pretty much not private, no matter what you might hope or think or wish for,” said Geoff Webb, senior director of solution strategy for security management firm NetIQ.

Old records, like transactions and account details, remain in company databases long after you’ve deleted an account, he said, because the company needs them for tax and other business purposes.

“There used to be an old saying that everybody ends up naked on the Internet at some point,” said Webb.

Although that was meant figuratively, patrons of websites like Ashley Madison could soon find it applying literally.

DATA SECURITY BREACHES: “WE DON’T CARE, WE DON’T HAVE TO”: PART ONE (OF TWO)

In Bureaucracy, Business, Law, Law Enforcement, Social commentary on July 20, 2015 at 12:20 pm

Comedian Lily Tomlin rose to fame on the 1960s comedy hit, Rowan & Martin’s Laugh-In, as Ernestine, the rude, sarcastic switchboard operator for Ma Bell.

She would tap into customers’ calls, interrupt them, make snide remarks about their personal lives.  And her victims included celebrities as much as run-of-the-mill customers.

Lily Tomlin as Ernestine

She introduced herself as working for “the phone company, serving everyone from presidents and kings to the scum of the earth.”

But perhaps the line for which her character is best remembered was: “We don’t care. We don’t have to. We’re the phone company.”

Watching Ernestine on Laugh-In was a blast for millions of TV viewers.  But facing such corporate arrogance in real-life is no laughing matter.

Clearly, too many companies take the same attitude as Ernestine: “We don’t care.  We don’t have to.”

This is especially true for companies that are supposed to safeguard their customers’ most sensitive information–such as their credit card numbers, addresses, emails and phone numbers.

An October 22, 2014 “commentary” published in Forbes magazine raised the highly disturbing question: “Cybersecurity: Does Corporate America Really Care?”

And the answer is clearly: No.

Its author is John Hering, co-founder and executive director of Lookout, which bills itself as “the world leader in mobile security for consumers and enterprises alike.”

Click here: Cybersecurity: Does corporate America really care?

October, 2014 proved a bad month for credit card-using customers of Kmart, Staples and Dairy Queen.

All these corporations reported data breeches involving the theft of credit card numbers of countless numbers of customers.

Earlier breaches had hit Target, Home Depot and JPMorgan/Chase.

And on February 5, 2015, health insurance giant Anthem Inc. announced that hackers had breached its computer system and accessed the medical records of tens of millions of its customers and employees.

Anthem, the nation’s second-largest health insurer, said the infiltrated database held records on up to 80 million people.

Among the customers’ information accessed:

  • Names
  • Birthdates
  • Social Security numbers
  • Member ID numbers
  • Addresses
  • Phone numbers
  • Email addresses and
  • Employment information.

Some of the customer data may also include details on their income.

Click here: Anthem hack exposes data on 80 million; experts warn of identity theft – LA Times

Bad as that news was, worse was to come.

A February 5 story by the Wall Street Journal revealed that Anthem stored the Social Security numbers of 80 million customers without encrypting them.

The company believes that hackers used a stolen employee password to access the database

Anthem’s alleged reason for refusing to encrypt such sensitive data: Doing so would have made it harder for the company’s employees to track health care trends or share data with state and Federal health providers.

Anthem spokeswoman Kristin Binns blamed the data breach on employers and government agencies who “require us to maintain a member’s Social Security number in our systems so that their systems can uniquely identify their members.”

She said that Anthem encrypts personal data when it moves in or out of its database–but not where it  is stored.

This is a commonplace practice in the healthcare industry.

The FBI is now investigating the hack.

According to an anonymous source, the hackers used malware that has been used almost exclusively by Chinese cyberspies.

Naturally, China has denied any wrongdoing.  With a completely straight face, Chinese Foreign Ministry spokesman Hong Lei said:

“We maintain a cooperative, open and secure cyberspace, and we hope that countries around the world will make concerted efforts to that end.”

He also said that the charge that the hackers were Chinese was “groundless.”

Click here: Health Insurer Anthem Didn’t Encrypt Stolen Data – WSJ

Meanwhile, John Hering’s complaints remain as valid today as they did last October.

“One thing is clear,” writes Hering. “CEOs need to put security on their strategic agendas alongside revenue growth and other issues given priority in boardrooms.”

Hering warns that “CEOs don’t seem to be making security a priority.”  And he offers several reasons for this:

  • The sheer number of data compromises;
  • Relatively little consumer outcry;
  • Almost no impact on the companies’ standing on Wall Street;
  • Executives may consider such breaches part of the cost of doing business.

“There’s a short-term mindset and denial of convenience in board rooms,” writes Hering.

“Top executives don’t realize their systems are vulnerable and don’t understand the risks. Sales figures and new products are top of mind; shoring up IT systems aren’t.”

There are three ways corporations can be forced to start behaving responsibly on this issue.

  1. Smart attorneys need to start filing class-action lawsuits against companies that refuse to take steps to protect their customers’ private information.  There is a name for such behavior: Criminal negligence.  And there are laws carrying serious penalties for it.
  2. There must be Federal legislation to ensure that multi-million-dollar fines are levied against such companies–and especially their CEOs–when such data breaches occur.
  3. Congress should enact legislation allowing for the prosecution of CEOs whose companies’ negligence leads to such massive data breaches. They should be considered as accessories to crime, and, if convicted, sentenced to lengthy prison terms.

Only then will the CEO mindset of “We don’t care, we don’t have to” be replaced with: “We care, because our heads will roll if we don’t.”

%d bloggers like this: