In the post-Target, post-Home Depot, post-OPM world, we’re no longer shocked or scandalized by even the largest corporate hacks.
But we’ve never seen a breach even half as ruinous or as imminently destructive as the one that just exposed 36 million possible adulterers to a gawking public.
The trove of hacked user data from Ashley Madison — unlike virtually every large-scale hack before it — didn’t just involve e-mail addresses or credit card numbers or other things one can fix with a phone call to the bank. It included full names, birth dates, marital statuses and, perhaps most damningly, intimate details about its users’ kinks and sexual preferences — the sort of dirt that, depending on your circumstances, can easily become grounds forfiring, divorce, jail time or even execution.
In a few keystrokes, an anonymous, ideologically motivated group managed to torch the careers, friendships and marriages of millions of people. That’s not “vandalism,” to use a term that Ashley Madison itself has lately resorted to.
That’s terror. And it should terrify you.
None of this is a revelation, of course: Much like terrorist events of other, more violent sorts, the Ashley Madison hack hasn’t exposed anything we didn’t already know. Hackers have managed more than 75 high-profile, large-scale corporate breaches in the past 10 years. If you somehow survived the past decade believing yourself immune, you’re either some sort of security expert or you live in an Internet-free commune.
But post-Ashley Madison, the Internet feels fundamentally less safe than it did before. You can smell the tang of anxiety in the panicked rush to build tools that can search the hacked data; in the crunch of people flooding 4chan and Reddit and Pirate Bay for more and dirtier details on the hack; in the bottomless gloating of the people who know, with self-righteous certainty, that they won’t be in it.
And it’s not just Ashley Madison that scares us, by any means: God knows we all have skeletons in our digital closets, little secrets and embarrassments and indiscretions that we’ve unthinkingly entrusted to distant corporate servers that could also be hacked any day.
“The current business world,” Ashley Madison said, ominously, when news of the hack first broke, “has proven to be one in which no company’s online assets are safe from cyber-vandalism.”
That includes the companies that store your e-mails and your text messages; the ones you use to track your schedule and your finances; the ones where you shop and watch porn and fill your prescriptions.
Think, for a moment, of your most embarrassing secret, the one that would destroy you if it appeared in a public-facing database that your neighbors and co-workers and cousins could search. Is there any trace of that anywhere on any server?
Are you absolutely sure?
“If understood in more abstract terms,” the Awl’s John Herman foretold Tuesday, “this hack has the potential to alter anyone’s relationship with the devices and apps and services they use every day … It’s a powerful reminder of the impossibility of perfect privacy.”
And yet, we’ve had reminders — dozens of reminders, hundreds of reminders, almost as many reminders as we’ve had incentives to give up this sort of private data. Corporate America has cleverly engineered a world where surrendering is frictionless, convenient, ubiquitous: It’s holding onto our privacy that’s difficult. In practical terms, for instance, a post-Ashley wake-up call would entail deleting every app that tracks personal data, from Fitbit to Mint to Google Maps; writing only pen-and-ink letters; and scrubbing oneself from the social Web.
In other words, you’d have to forsake modern life entirely. And given the certain agony and difficulty of that — versus the vague, future possibility of a life-upending hack — I suspect most people will carry on as if nothing ever happened.
Something did happen, though, and it will continue to happen over the course of the next few months: Even as I type this, divorce lawyers are salivating over a potential influx of cases and Army investigators are hunting ethics-code violators down. On Reddit, one of the forums where people implicated in the hack can speak anonymously, cheaters and their significant others are begging for advice about saving their most important relationships.
“I found my father’s email on the Ashley Madison dump,” one 16-year-oldwrote Wednesday. “I’m afraid to bring this topic up as I know there will be extreme consequences … What are my options?”
So even if our behavior doesn’t change post-Ashley, we’ll have to live with the knowledge, and the anxiety, that such catastrophic upsets are possible. That our data is fundamentally, perpetually unsafe. That — at any time — someone could blow it up.
The post-Ashley-Madison Internet is a paranoid, disquietous place. But don’t worry: You’ll get used to it. If you haven’t already.