What Is Shame Hacking? And Should We Be Worried?
Private becomes public on the web when shame hackers are involved.
In the modern internet era it has unfortunately become almost commonplace to read headlines about another major data breach, with reams of sensitive user data ending up in the hands of wrongdoers. Whether this comes as a result of the fault of a large company or a particularly aggressive and invasive attack, we generally feel bad for the victims of such invasions of privacy, as having your data leaked and used for nefarious purposes can lead to massive inconvenience in many cases.
However, there is a particular kind of data breach that, somewhat curiously, doesn’t evoke the same kind of sympathy for its victims. It’s the kind that comes as a result of “shame hacking”, or when a group of hackers sets out to publicly shame individuals who use a service or partake in an online activity that could cause embarrassment or reputation damage if it became public.
One of the most widely-known recent example of shame hacking (other than the Mossack Fonseca scandal) was the Ashley Madison hack. Before the hack, the website had grabbed tons of headlines for its ethically questionable approach of providing a platform for people to have extramarital affairs, with the somewhat tasteless tagline: “Life’s short—have an affair.” It wasn’t long until the names and personal info of 39 million people who had registered for the dating site had their names leaked, even those who were no longer active on the site. The fact that a site which prided itself on discretion and secrecy could fall victim to such a breach was shocking to be sure, but perhaps more shocking was the high profile names that were found to be users of the site. In true internet style, amateur sleuths and shamers pored over the data leak and used what they found as fuel for blog posts, commentary and the like. In the end, it was this spiral of shaming that caused the most damage, not the hack itself.
More recently, a similar example of shame hacking occurred when the dating site beautifulpeople.com—which, you guessed it, is designed for very attractive people only—was hacked resulting in the data of 1.1 million of its users being put on the black market. While there’s nothing wrong with being beautiful, plenty of internet users took the opportunity to mock people who thought so highly of their own attractiveness they needed to join a website just for them.
There’s one argument that if people are going to do tasteless and crass things such as join a website for extramarital affairs or a club for exceptionally attractive people, they might deserve what they get. However, that’s a slippery slope. As Nellie Bowles wrote in the Guardian, “Hacking to shame is a scary pattern. Most active, casual, relatively sloppy young internet users (like myself) are having their data bought and sold all day long, bartered legally or illegally. And, most active, casual, relatively sloppy humans (like myself) have a sex life that’s lived, at least in part, online.”
Indeed, with so much of our personal lives online, knowingly or not, we are all on some level vulnerable to the kind of hacking that comes when people with bad intentions set out to shame people who were simply living their lives. Similar to the iCloud hack when celebrity nude photos from their personal phones were leaked, sometimes personal behavior that’s appropriate, albeit intimately so, in the private space becomes incredibly embarrassing when out in the open.
Shame hackers provide the raw material for people’s public lives to be out in the open, but we as internet users don’t necessarily have to take the bait and exacerbate the problem. The best thing to ask yourself in this kind of situation is what you’d want someone to do if you were the victim.