scorecard
  1. Home
  2. tech
  3. A former Ashley Madison executive allegedly hacked a competing dating website

A former Ashley Madison executive allegedly hacked a competing dating website

Rob Price   

A former Ashley Madison executive allegedly hacked a competing dating website
Tech3 min read

noel biderman FULL

Avid Life Media

Avid Life Media CEO Noel Biderman.

Adultery website Ashley Madison is still dealing with the fallout after its network was breached in July, releasing huge quantities of sensitive customer data and internal documents. Now, alleged emailed released in the hack indicate that the company's founding chief technology officer once hacked into the system of a competitor website.

Motherboard's Joseph Cox and security researcher Brian Krebs have both seen what is believed to be a leaked email from CEO Noel Biderman, in which former CTO Raja Bhatia apparently said he discovered security holes in the software of Nerve.com, an adult website that was testing a dating service at the time.

Business Insider has not yet independently verified the contents of the emails.

According to the leak, in November 2012, Bhatia, who now consults for the website, mentioned in an email to Biderman that "nerve's dating site has a huge security hole."

When asked for more details, the ex-CTO responded that he "was researching the casual dating space as it's been on my mind. I remembered Nerve relaunched with a slick site and did a little digging into how it worked. They did a poor job of auditing their site."

He continued:

[I] Have access to all their user records including emails, encrypted password, if they purchased or not, who they talked to, what their search preferences are, last login, fraud risk profile, who they blocked or are blocked from, photo uploads, etc.

Prior to Bhatia's alleged hack, Ashley Madison's parent company Avid Life Media had been approached by Nerve.com about a possible business partnership. Krebs reports that at one point Bhatia made a $20 million offer for Nerve, although the deal never came to fruition.

In a statement emailed to Motherboard, ALM frames Bhatia's actions as "due diligence" relating to these discussions:

"In September PTC Advisors, representing Nerve, contacted Noel and provided a more detailed brief on the opportunity. This communique was followed by a number of conversations. Subsequently Noel contacted Raja Bhatia and asked for his assistance in conducting technical due diligence on the opportunity. This activity, while clumsily conducted, uncovered certain technology shortcomings which Noel attempted to understand and confirm ... At no point was there an effort made to hack, steal or use Nerve.com's proprietary data."

Even so, Biderman's reaction seems unusual. After Bhatia told him about the nature of the data he had access to, the CEO responded: "Holy moly..I would take the emails..."

Bhatia said no, telling the CEO that he "can't do it.. want to be able to look my son in the eye one day."

But the CTO did send over more information explaining to Biderman "how to complete the process," Motherboard reports. Biderman then allegedly attempted to follow Bhatia's instructions, but was unable to.

Last Tuesday, after customer data was leaked online by a hacker or hackers calling themselves The Impact Team, Avid Life Media released a statement slamming their actions.

"Every week sees new hacks disclosed by companies large and small, and though this may now be a new societal reality, it should not lessen our outrage," the statement said. "These are illegitimate acts that have real consequences for innocent citizens who are simply going about their daily lives. Regardless, if it is your private pictures or your personal thoughts that have slipped into public distribution, no one has the right to pilfer and reveal that information to audiences in search of the lurid, the titillating, and the embarrassing."

Business Insider has reached out to Avid Life Media for comment.

READ MORE ARTICLES ON


Advertisement

Advertisement