After the user data leaks that put adult-oriented site Ashley Madison in the spotlight, the company's problems are far from over. Raja Bhatia, former Ashley Madison CTO, is bringing famous security researcher, Brian Krebs, to court in a libel lawsuit. The legal action is based on a series of disputable comments Krebs made in a report. Bhatia would like to see these allegations amended but so far, Krebs is reluctant to do so.
The report quotes a series of emails between Bhatia and Noel Biderman, former CEO of Avid Life Media, parent company of Ashley Madison. In them, Bhatia reveals that he found a security breach on the site Nerve.com, one of Ashley Madison's competitors. He further claimed that he can access and interfere with the user database from Nerve.com.
"I got their entire user base. Also, I can turn any non-paying user into a paying user, vice versa, compose messages between users, check unread stats, etc," Bhatia said, according to Krebs.
Bhatia is legally attacking the assumption that he "hacked" the rival site.
"[I] noticed a readily apparent inadequacy in the site's security and remarked on that observation to Mr. Biderman," he affirms. He adds that he had no attempt whatsoever to break security or take advantage of the security liability, including downloading or tempering with Nerve.com's database.
Another fact argued is that, at the moment Biderman received the email, Bhatia had already quit Ashley Madison in 2009 and was no longer CTO for the company.
Krebs is holding his ground on his story. What he did, though, was to publish the letter that Bhatia's lawyers sent him. He says he did it to warn and prepare publications that also got pressured or threatened by (current or former) employees of Ashley Madison. The result of the lawsuit remains in the hands of Justice, but it is clear that both sides are ready to fight for their word in court.
Due to the significant amount of user's personal data that was published online during the Ashley Madison scandal, questions regarding the degree of safety and anonymity that dating-sites are providing become even more significant.