According to a news article,
http://www.telegraph.co.uk/news/worl...her-sites.html
The AM hackers plan to target other websites. I would urge the ECCIE staff to take extraordinary measures to ensure security while the opportunity exists, and to inform members that such steps have been taken ( without of course revealing the nature of them).
The AM lists of linked names, home addresses and email addresses is now circulating like wildfire on a local basis. There are emails containing excel files proliferating rapidly. It's now become great entertainment for people without exposure to comb the files to see who they know there. Worst data breach in the history of the web.
Originally Posted by mike0919
I wish it were that easy.
For this, or any other site to be protected (I should say, as best as they can be) they'd have to have built it on the foundation of a security mindset. That can be very cost prohibitive for a website. So, you're not going to see many sites doing the things needed to prevent an AM event from happening.
Not only that, but you piss off the wrong person and your preparations might not do much for you. Dedication and education can make for a very powerful adversary.
So far, in this underworld, I haven't come across a site that I've been impressed with as far as security goes. But you have to think about it: most of these sites are created by people in an age group that didn't have them saturated with networking knowledge. They didn't grow up on the net. Obviously if they have a site they either A: have some knowhow or B: hired someone who had some knowhow. But that's nowhere near good enough to prevent folks like yours truly from making a splash if we feel so inclined.
In essence, it really boils down to the individual accessing the site. Don't use your personal information. Period.
Granted, some sites outright require you to, and that's your call to make. I don't see Lizard Squad going after P411 anytime soon. Gina keeps to herself and deals with matters fairly (which is what'll trigger a hax attax faster than anything else- power hunger admins trying to shove e-power in faces and end up getting their sites fucked up lol).
You can make payments with throwaway gift cards, BC, or use an exchanger. Use a P.O. Box for anything that requires a phys ad, and use throwaway phones and use a fake name when buying and activating it (what, you think I can't get into your google voice? lol).
Another factor no one's talking about in these attacks -despite what the news might say- is money. I don't get off my digital ass to fuck up anything unless the cash is right. So while some might be trembling in their wittle boots over this Ashley Madison crap, I'd urge you to pay it absolutely no mind. Anyone who frequents
that area of tor knows the group (not single guy) behind all this is greedier than I am.
TLDR: Don't panic. You're fine, sucka.