There was something odd about the text message when it arrived, a little before 2 p.m. on Sunday. "Hi" was all it said.
The number, from an 862 area code, was unfamiliar. I wrote back: "Hi who's this?"
Then came the creepy part. "A friend." Followed by, "I have found your name in a certain database and was wondering if you could help explain its presence there."
Hackers and extortionists of all stripes and skill levels are apparently targeting people whose names appear in Ashley Madison's database, which was recently stolen and dumped online. The site bills itself as the "world's leading married dating service for discreet encounters." The release of the company's internal data has the potential to be devastating to the 33 million people who were apparently using it to try to arrange extramarital affairs. It's also a crippling blow to the company.
In addition to the awkward conversations that are likely unfolding between people who seem to have been active on the site and their partners and employers, the information is already being deployed to try to extort money or just generally to harass people. In one incident that was reported by the security blogger Brian Krebs, an IT manager in Milwaukee intercepted a message to a married Ashley Madison user that demanded payment in return for keeping his information quiet. "If you would like to prevent me from finding and sharing this information with your significant other," the message said, "send exactly 1.0000001 Bitcoins (approx. value $225 USD) to the following address …."
So far, in my case, the harassment has been in the form of anonymous text messages that continued all day from someone who refused to identify himself or herself and who took a moralistic, scolding tone. "What I can't understand is how an intelligent person like yourself got caught in this," the person wrote. "What were you thinking?"
What I was thinking was that I was writing a cover story for Bloomberg Businessweek about Ashley Madison, which was published in 2011. I joined the site, with the handle "redvelvet2," to conduct research for the article. I quickly learned what it was like to be a woman on Ashley Madison, which involved being inundated with messages from men who behaved like lions fighting over a piece of meat.
Fortunately for me, the damage from this privacy violation is likely to be minimal. But for millions of other people, it may cause real pain.
A superintendent with the police department in Toronto, where the company is based, said this morning that multiple extortion attempts have been reported, as well as two unconfirmed reports of suicides that were tied to the data release. “Nobody is going to be able to erase that information,” he said. Avid Life media, the owner of Ashley Madison, says it's working with law enforcement to find out who is behind the attack.