Just who is joining the Ashley Madison website?

Ashley MadisonI've never believed the adage that all publicity is good publicity.

And similarly I find it hard to swallow the thought that a website designed for "finding an affair and cheating partners" - that has been plastered over newspaper headlines for months after millions of its users were exposed by a hack - could have increased its membership by 20%, adding over five million new members since it was attacked.

Yes, Ashley Madison is claiming it has over 43 million users today.

Ashley madison website

It seems to me that there are a few possibilities:

  1. The code Ashley Madison uses to display a membership number on the front of its website is a bit buggy, and has made a mistake counting its users. Perhaps the number is cumulative and doesn't include those who frantically deleted their accounts after the hack became front page news.
  2. Ashley Madison has invested further in fembots - fake female profiles that are designed to trick unsuspecting men into reaching for the credit card, fooling them into thinking that they are about to start chatting with a real woman rather than an algorithm.
  3. The number displayed on Ashley Madison's front page is pure fiction.
  4. The number is correct. Despite many bad headlines, and losing its CEO, Ashley Madison has used the breach publicity to its advantage and convinced many more people to sign-up for its service. Of course, this raises the question of just who are the people who are signing up?

What do you think is the most plausible explanation for Ashley Madison's numbers? I have a theory. It's a theory you have a pretty good chance of guessing. But I cannot prove it because, frankly, no-one other than Ashley Madison can tell us how many users they might really have.

Unless, of course, they open themselves up to an independent audit. And I can't picture them doing that any time soon.

Ashley Madison was hoping to float on the stock market last year, so any suggestion that they might not have been entirely accurate in their membership numbers is something that would go down like a lead balloon with investors.

So, let's hope that they have managed to put all their troubles behind them, and resurrect their business in miraculous fashion.

Of course, even if true, 43 million users doesn't mean 43 million paying users.

And the Ashley Madison's claims that it currently has "over 43,485,000 anonymous members" are a bit rich considering that details of some 32 million apparent members have been floating around the internet for months, and many have received blackmail threats. I wouldn't call that anonymous.

It may also be time for the company to stop bragging about being "as seen on BBC News, Reuters, The Sun, The Telegraph, The Times" too.

Yeah, it's appeared in a *lot* more media than that, but here for your reference are some helpful links to stories on BBC News, Reuters, The Sun, The Telegraph, and The Times.

Not the kind of publicity I would imagine any website would welcome.

Further reading:

Tags:

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

Subscribe to the free GCHQ newsletter

3 Responses

  1. Peter Piper

    January 4, 2016 at 3:27 pm #

    Happy New Year Graham,

    I've been watching the reports of the addition of users to the Ashley Madison website and just shaking my head in disgust.

    There is no way that there are 43 million users on the site. Unless:

    AM has not done a clean up of their data after the hack. After analyzing the data, there may be 43 million entries in there, but many of them would be:

    * users who deleted themselves after the hack
    * users that have had failed login attempts
    * users that just signed in after the hack to see what it's about
    * and most likely, millions of hack victims creating new fake accounts to see what's going on with the site from an internal view, since AM has been mum

    If AM has not cleaned up the data after the hack, that is very very frightening.

  2. coyote

    January 4, 2016 at 11:22 pm #

    I presume your guess is that all four points are the reasons. That's certainly mine (except perhaps it isn't buggy so much as a feature).

    To think they would try to be on the stock market… wow. That's just messed up (I would use the F word for the pun, of course, but I don't know who will see this and since it isn't my website I won't be disrespectful in that way). They need serious help.

    And good point on paying members. I presume they don't have nearly as many benefits of the paid users and that maybe includes inability to contact members or respond or … (??? I don't know). Anonymous users are also a concern for such a website (not that the website itself is anything but unethical and immoral). By that I mean who would want to interact on such a website with an anonymous user ? But yes it's probably not the least bit impressive to those who have had their contact information made public.

    Are they really bragging about the publicity ?

    As for number of members, Peter made me think of something else. Even if they have these users, are they being used ? What if someone decides they don't like it but don't delete it ? Or they create a count for a one time thing, maybe some years back, and then that's it (and thing doesn't necessarily mean 'the dirty deed' but curiosity alone).

    Actually, I take it back. They don't need serious help; they're beyond help except shutting down.

  3. Disappointed

    February 27, 2016 at 7:33 am #

    I am an attractive college student who used to be on Ashley Madison for about a year and a half.
    A couple weeks ago they "temporarily suspended" my account bc of "soliciting" Lol! Ashley Madison is a joke!

Leave a Reply