Security investigator Brian Krebs is being threatened with a libel suit, after his exclusive report claimed that an ex-Ashley Madison CTO had hacked into another site in 2012.
Last month, Krebs released the exclusive story after analysing the executive emails that were leaked during the security breach, which released the sensitive data of 33m Ashley Madison users onto the Internet.
The report suggested that the adultery site’s founding CTO, Raja Bhatia had hacked into online sex magazine Nerve.com, after the site showed an interest in setting up a rival dating service.
Krebs’ reported that Bhatia had emailed ex-Ashley Madison CEO Noel Biderman, claiming that he “got [Nerve.com’s] entire user base”, adding a link to a sample of the site’s database.
Prior to the alleged infiltration, Ashley Madison’s parent company Avid Life Media (ALM) was said to be considering an offer to partner or invest in the Nerve.com.
Krebs’ report proceeds to detail further emails that allegedly show Bhatia expressing an interest in the proposal, offering at least $20m for both the company and second property flirts.com.
However Ashley Madison did not pursue the opportunity any further.
Bhatia’s lawyers have since threatened Krebs with a libel law suit for the “false and defamatory” portrayal of Bhatia in his original report.
The threat points out particular parts of the report that Bhatia and his lawyers consider to be defamatory.
The first being its headline, which reads: “Leaked AshleyMadison Emails Suggest Execs Hacked Competitors”, along with the description of Bhatia’s actions.
The letter sent to Krebs demands him to issue a retraction, explaining that Bhatia had only “noticed a readily apparent inadequacy in the site’s security” as opposed to “[exploiting] the gap by downloading or manipulating” its database as the report indicates.
Krebs is also accused of making “misleading implications” about Bhatia’s employment at ALM.
The letter says that when Bhatia was not employed by the company when he found the flaw in Nerve.com’s security in 2012, and had not been employed there since 2009.
It also states that the former CTO was unaware that ALM was considering to acquire the site.
Despite the libel suit threats, Krebs said that he will not retract or change his original story.