While I am not afraid to jump on any bandwagons, I’m not very comfortable touching the data released of the Ashley Madison breach.
So instead I will focus on something that bothers me from people responding to the breach. You see, a lot of morality knights morality knight; someone who without much support, fanatically fights for what he/she considers a rightful moral purpose. have stood up since the public release of the data.
What I find most disturbing about a lot of the reactions is that aparently it’s fine to release personal information of about 37 million accounts if this means that some cheaters would get caught. Basically these morality-knights are making the statement:
That, of course, is a very, very slippery rope. Because if you agree that hacking and exposing personal information is alright in some cases, who is to say that hacking and exposing all data from a hospital that wronged someone in the past (and it happens) is wrong? Hacktivism is all fine and dandy, but just like activists in the real physical world, no one is going to find themselves agreeing with every target. And let’s not forget that the “I have nothing to hide”-statement has been debunked a few times: 1, 2, 3, 4, etc..
So before going on in various social media about how those people “had it coming” and it “serves them right”, think about the impact your positive statement about the hacking and dumping of data will have. Not just in this case, but also in the next case, where your data might be touched because someone thought that company x was doing something wrong in someone elses book.
Another disturbing trend seems to be that some individuals seem to be interested in outing as many people as possible from whatever demographic they find interesting. Just one example of a now suspended account:
But there are more of these type of accounts and sites, like the now suspended http://checkashleymadison.com/.
Personally I think Troy Hunt with his haveibeenpwned.com does it the best. You need to verify your email address on the site, and you will get notified if you are in the database, without making it publicy searchable.