Despite being one of the largest data breaches in the world, exposing tens of millions of users’ personal information, BetaKit has shied away from covering the recent Ashley Madison hack, predominantly because there are too many other Canadian startups building more worthwhile products and services that need their stories told.
Information released today by the Toronto police and Motherboard now require BetaKit to change its stance.
In a press briefing today, acting staff superintendent Bryce Evans of the Toronto police revealed that two individuals associated with the recent leak of Ashley Madison customer details have taken their lives.
Beyond the suicides, the leak has led to a series of “spin-offs of crimes and further victimization,” Evans said. “Criminals have already engaged in online scams by claiming to provide access to the leaked websites.”
Ashley Madison’s parent company Avid Life Media is offering a $500,000 CAD reward for information on the hackers. However, the company also now the subject of a new report by Motherboard, which claims that Avid Life Media CEO Noel Biderman wanted to utilize a security exploit in 2012 discovered by then CTO Raja Bhatia, to steal the user email addresses of then-competing site Nerve.com.
According to a conversation released in the Ashley Madison leak, Bhatia said the exploit “can turn any non paying user into a paying user, vice nversa [sic], compose messages between users, check unread stats, etc.” Biderman then responded by saying, “Holy moly..I would take the emails…”
While Bhatia refused to perform the task, he did provide Biderman the methodology to perform the exploit, and posted the information of his Nerve.com user account on a secret Github page, still accessible by Motherboard.
These two stories show both the human cost of the theft and release of private information, as well as how in the current technology climate, companies can play both victim and culprit.