Former Ashley Madison CTO sues security researcher over hacked emails

Hackers Release Confidential Member Information From The Ashley Madison Infidelity Website

While it appears the hackers who stole a treasure trove of data from adultery-focused “dating” site Ashley Madison are done embarrassing the company, that doesn’t mean the fallout from the attack has stopped. The latest drama involves noted security researcher Brian Krebbs, who says he’s facing a libel lawsuit from former Ashley Madison CTO Raja Bhatia. The lawsuit stems from a report Krebs posted in late August in which he claimed that the leaked emails of now-former CEO Noel Biderman revealed a plot to hack Ashley Madison’s competitors. Bhatia apparently took issue with a number of Krebs’ claims in the article and asked for a retraction and correction, which thus far Krebs has been unwilling to do.

The report specifically claims that Bhatia send Biderman an email in late 2012 concerning a security hole he discovered on the site Nerve.com, a site dedicated to a variety of sexual topics. At the time, Nerve.com was working on its own dating service, and Bhatia allegedly said in his emails to Bidderman that he found a way to access and manipulate Nerve.com’s database of users.

According to Krebs report, Bhatia said the following to Biderman over email: “They did a very lousy job building their platform. I got their entire user base. Also, I can turn any non paying user into a paying user, vice versa, compose messages between users, check unread stats, etc.”

In his lawsuit, Bhatia takes issue with the claim that he “hacked” Nerve.com; instead, he says he “noticed a readily apparent inadequacy in the site’s security and remarked on that observation to Mr. Biderman without attempting to bypass its security or to exploit the gap by downloading or manipulating Nerve.com’s database.” Bhatia also says its important to note that at the time he sent Biderman the email, he was not acting as CTO of Ashley Madison; it seems he left the company at some point in 2009.

For now, Krebs says he has no intentions of changing or retracting his story — instead, he published the letter he received from Bhatia’s lawyers “in the likely event that other publications have also received libel and defamation threats from Ashley Madison and/or its current and former employees.” Whether the lawsuit has much merit remains to be seen, but at the very least it sounds like Krebs doesn’t plan on acquiescing to the lawsuit’s demands.

[Image credit: Getty Images / Carl Court]

Comments

Source:
Krebs on Security

Tags: ashleymadison, ashleymadisonhack, briankrebs, lawsuit, libel, RajaBhatia

Source: Engadget - Read the full article here

Author: Daily Tech Whip

This article is part of our 'News Tiles' service. The site is currently in Beta. When it is fully operational you will be able to search through and arrange the 'Tiles' to display a keyword, product or technology over your chosen time period. For example you would be able to display all of the leading tech articles on the new Kindle Fire, in one spot in real time. You will also have access to our own original reporting and analysis as well as a polished place to post your own thoughts & reviews here, amongst the Daily Tech Whip Community. Please let us know if you have any feedback via the contact form or via Twitter. Don't forget to come back next week and see our full site and claim your name and your own free tech blog.

Share This Post On