Not exactly, more that they left around credit card/purchase info. From Krebs On Security:
> According to the hackers, although the “full delete” feature that Ashley Madison advertises promises “removal of site usage history and personally identifiable information from the site,” users’ purchase details — including real name and address — aren’t actually scrubbed.
Also 'hacker' should have released everything and sent links to the media. That would close the site for sure. And would generate quite a few lawsuits from exposed people. And who knows maybe some more regulations privacy-wise would pop up.
Yet another episode of self-righteous attention seeking.
Regarding leaked data from dating sites, I'm only interested in the number of fake and never used accounts which merely exist to bloat the number of members.
Why would anyone use their real name or email address on a site like that? Let the hackers reveal all the info... should just be a bunch of "FAKE FAKERSON" accounts and people who probably aren't bright enough to have an affair anyway.
Sites distributing images of child sexual abuse often have similar lists of subscribers and their credit card details.
Very many people use their real details on those sites, even though the penalties of getting caught are much more severe.
The best example of this is Operation Ore - a site was taken down by law enforcement and many thousands of people were investigated and found to have images of child sexual abuse. The investigation was made easier because so many people used their real names and linked that to their everyday credit card, allowing easy linking to their current address.
That's not quite how Operation Ore went down, from what I recall. Thousands of people were indeed arrested for having their credit card details on the records of a company that sold child sexual abuse images, but most of them had actually paid for legitimate adult porn or were victims or credit card fraud and didn't have any such images, yet got convicted anyway thanks to some sleazy police work. The US equivalent, Operation Avalanche, did only arrest people who were actually linked to child porn in some way and only managed to arrest 100 people: https://en.wikipedia.org/wiki/Operation_Avalanche_(child_por...
There were many false arrests. There were also many convictions - enough evidence for an investigation, enough evidence for an arrest, enough evidence for a prosecution, and enough evidence to persuade a judge / jury beyond all reasonable doubt that an offence had occured.
> leading to 7,250 suspects identified, 4,283 homes searched, 3,744 arrests, 1,848 charged, 1,451 convictions, 493 cautioned and 140 children removed from suspected dangerous situations[2] and an estimated 33[3] suicides.[4][5] Operation Ore identified and prosecuted some sex offenders, but the validity of the police procedures was later questioned, as errors in the investigations resulted in a large number of false arrests.[3]
7,250 suspect and 1,451 convictions is pretty significant.
7250 suspects were all the names provided to UK police, including the thousands of victims of stolen cards or that had bought access to legitimate sites.
1451 convictions is still significant, but we also still don't know how many of those might be wrongly convicted, given that a number of them were overturned and several people have won trials for malicious prosecution, and we don't know how many "got away" without publicity over their trials simply don't want to risk appeals or lawsuits over their convictions.
It's worth noting that the company the data came from had in fact been subject to so much credit card fraud that it was going out of business when they were raided. US police treated the data accordingly. British police did not.
Over turned convictions are in the low hundred (shockingly too many, a real disgrace) but the point is that at least 1,000 people paid to access images of child sexual abuse using their real name and CC details.
Seems like credit card records were compromised as well. Harder to fake a name with those (though someone could've used a prepaid Visa card or the like).
Yea, I was only sort of aware of AshleyMadison, but I assumed facilitating a high degree of anonymity was basically the main service they provided. I guess that's not the case.
Giving your real name/address/DOB/credit card to a site specifically set up for cheating seems like basically asking to get blackmailed.
I'm pretty sure you can add any name you like, so long as you are adding it as an additional card under your existing account. It does not guarantee anonymity from bank employees but it does keep your real name out of vendor's records.
