The Ashley Madison data breach is the gift that keeps on giving.
With only a few days of analysis, the implications are already huge. That the site is a scam and made money via a second scam is the least of our concerns. We’ve learned that more than 15,000 military emails were registered with the service. Adultery in the military is punishable by a year in confinement, as well as a dishonorable discharge and forfeiture of pension.
We’re also beginning to see public figures crumple under their own stupidity. Family values activist and child molester Josh Duggar was found to have two separate profiles on the account. A popular, squeaky-clean evangelical YouTuber had one as well. The executive director of the Louisiana GOP was busted, too — though he hilariously claims his activity was “opposition research.”
We have all the best features of a major news story here: It’s tawdry, it casts sunlight on bad behavior and hypocrisy, and the data is just so damn comprehensive that new stories could trickle out forever.
But aside from disgracing an already disgraced reality TV star and a low-level GOP wonk, we haven’t learned too much. People love to cheat, people don’t know how to cover their tracks, companies treat our personal data with a worrying disregard. No surprises here.
Moreover, nobody knows for sure who is behind Impact Team, the name of the hackers apparently behind the attack, or what their motivations are. But should they decide to use their considerable skills again, they could aim a lot higher than a scammy website for adults seeking sex on the side.
Here are some data breaches that would achieve something greater:
Leaked employee compensation
Companies like Facebook and Google love to trot out diversity reports, treating them like earnest, progressive disclosures.
“While we have achieved positive movement over the last year, it’s clear to all of us that we still aren’t where we want to be,” we’re told.
What they don’t like to disclose: salaries. Those don’t get reported quite so much. In fact, they’re often are paired with miles-long non-disclosure agreements.
President Obama said it best: “Pay secrecy fosters discrimination and we should not tolerate it.”
Whether via TriNet or Zenefits or the titanic ADP, leaking an entire company’s pay structure would be fantastically huge news. With a few clicks, the public would get a raw look at some longstanding issues like gender discrimination, wage disparity, egregious bonuses for non-performing executives, etc.
Super PAC financial disclosures
Money in politics should make you worried for several reasons.
First, the unlimited money from these so-called “super PACs” often come from anonymous sources. Per the New York Times:
Groups supportive of each party employed a technique that allows them to cloak the identities of many of their donors. Those groups, including Crossroads and Priorities USA, have affiliates that are organized as nonprofit organizations known as 501(c)(4) groups, which can raise unlimited money but do not have to reveal their donors. Donors wishing to remain anonymous have the option of making their contributions to those nonprofit groups, which raised tens of millions of dollars in 2011, according to officials at the groups.
For the 2016 presidential election, there will be more money flying around than ever before. Even worse, it’s coming from increasingly fewer sources. Paul Blumenthal at the Huffington Post reported:
The unlimited-money super PACs account for one-third of all federal election funds raised in the first half of 2015 — up from 4 percent at this time in the last presidential election. Three-quarters of all super PAC money came from more than 500 wealthy donors, corporations and unions in contributions above $100,000. More than half the money in the presidential race so far — to super PACs and to campaigns — came from donors who have given at least $100,000.
That’s a huge problem. Super PAC transaction data would go a long way in illuminating all this shadowy Citizens United money.
Imagine an Ashley Madison-sized 30GB dump of spreadsheets, instant messages, emails, and documentation of wire transfers. Imagine finding out the super-wealthy names behind these anonymous P.O. boxes, and why they’d prefer to not have their name tied these huge donations. Imagine how that could tip a presidential election.
Finally (and most improbably)…
Erasing student loans
Paging Tyler Durden. Or Mr. Robot. Whoever.
So, the people who are responsible for hacking the Ashley Madison site… What can you do about Sallie Mae?
— 281-330-8004 (@jax1125) August 19, 2015
Student loan debt is out of control — it’s 6 percent of the U.S. national debt. Of the $1.2 billion in estimated student debt, more than 80 percent are federal loans (most of which are owned by Sallie Mae).
Ignoring the huge cost of college — easily $40,000, but $100,000 is common — the interest owed can make things like a car, a home or a small business a near-impossibility.
Sure, eliminating data is way harder than stealing it. Sure, banks are way better at protecting data that makes them money than, say, Target or Sony. Sure, you’d have to compromise a massive network with untold numbers of offline, offsite backups. But it sure would be nice if a data breach erased or otherwise invalidated loan information for millions of people crippled by debt.