Good news – your credit card is fine and only your irreplaceable things were hacked!

1
It is important to note that, at this time, there is no evidence that any financial information or passwords were compromised.

Hey, I really hate to tell you this, but we were hacked and your account containing a bunch of really sensitive personal data was exposed. I know, it’s enormously inconvenient but I have good news for you – your credit card is fine!

Now yes, banks do have very good fraud protection these days and they would almost certainly have reversed any illegitimate charges, but isn’t this great news! Oh yeah – they’ll also issue you a new card too and don’t worry, that won’t cost you a cent. Yes, you’ll need to update your direct debits and anywhere you’ve stored that number but hey, you have to do that every time the card expires anyway so no biggie.

Fortunately, the only data that was compromised was useless stuff like your username and password.

No financial or sensitive personal data beyond Gaana login credentials were accessed. No third party credentials were accessed either. 3/n

— Satyan Gajwani (@satyangajwani)

How good is that? We’ve done an awesome job of protecting this info (we’ve underlined it above just to emphasise the point), in fact so much so that the only stuff that was actually leaked was useless info like your sexual orientation, what you like to get up to in the bedroom and the fact that you’re looking for hookup sex. That’s generally pretty useless info so yeah, don’t worry about it.

Moving on, let us talk for a moment about your credit cards and again and we have fantastic news. In fact the news is so good, allow us to not only express it in bold, but we’ll underline it as well:

This will save you a trip to the mailbox which would otherwise have been required had your card actually been exposed and the bank then replaced it for you free of charge. We won’t highlight the inconsequential bits after that, namely that we stored passwords inappropriately by encrypting and not hashing and that your name, address, phone and date of birth were exposed and are now being sold on the dark web to the highest bidder. That’ inconsequential stuff in the grand scheme of things.

Which brings us to Ashley Madison. We need to be crystal clear here – your card is fine and anyone who tells you differently is being reckless with the trusth:

No current or past members' full credit card numbers were stolen from Avid Life Media. Any statements to the contrary are false.  Avid Life Media has never stored members' full credit card numbers.

We know how important credit cards are to Ashley Madison members because once their wife and kids walk out on them for having extramarital affairs which they now know about because of the data breach, easy cash will come in very handy. Same when they’re fired from their job because whilst they might have signed up to the site on the promise of “100% discretion”, clearly that is no longer the case and some people are being fired as a result of their private indiscretions. Avid Life Media is proud to be able to support their members through this time by ensuring they don’t need to wait up to three business days for a new card to arrive.

Despite appearances, assurances of credit card sanctity are not there for the owners of the cards, they’re there for the banks. In the context of their concerns today, members of sites like Ashley Madison couldn’t care less about their cards, but merchants care very much that the PCI hammer may be brought down upon them. Consider that next time you read a statement like those above.

Source: troyhunt.com