“I’ve got their profile right in front of me, all their work credentials.
It was definitely a person here that was not an employee but certainly had touched our technical services.” As if to support this theory, the message left behind by the attackers gives something of a shout out to ALM’s director of security.
“You did everything you could, but nothing you could have done could have stopped this.” Several of the leaked internal documents indicate ALM was hyper aware of the risks of a data breach.
In a Microsoft Excel document that apparently served as a questionnaire for employees about challenges and risks facing the company, employees were asked “In what area would you hate to see something go wrong?
” Trevor Stokes, ALM’s chief technology officer, put his worst fears on the table: “Security,” he wrote.
The compromise comes less than two months after intruders stole and leaked online user data on millions of accounts from hookup site Adult Friend Finder.
In a long manifesto posted alongside the stolen ALM data, The Impact Team said it decided to publish the information in response to alleged lies ALM told its customers about a service that allows members to completely erase their profile information for a fee.