Like so many people whose data was leaked in a hack of the infidelity dating website Ashley Madison, Steve was desperate for a way to keep his information from spreading online. He’d been a member of the site for years and didn't want his wife to find out.
A few days after the leak, he received an e-mail from a company named Trustify that seemed to offer hope:
Steve had used a tool created by Trustify, an on-demand private eye startup, to search whether his e-mail address had been contained in the leak. The company didn't disclose to searchers that this would happen, but a few days later, he received the e-mail from Trustify, letting him know that someone had used the tool to search his e-mail address. He received the same e-mail twice, potentially indicating that someone else had searched for his e-mail in the leak.
Trustify then offered to help him hide the exposed data. A link included in the e-mail took him to a page on the company website that said he could pay one of the company's internet sleuths $67 an hour to find out exactly how much information was out there on the web that might "ruin" his life.
Security researcher Troy Hunt correctly pointed out last week that “exposure is irretrievable” at this point because the information has been "sufficiently socialised and redistributed."
We reached out to Trustify for information on how exactly the company plans to help victims of the hack keep the data offline. A company spokeswoman responded with a link to a Q&A, but did not respond to other questions. In the Q&A, Trustify readily admits that it can't really help anyone hide what's already out there.
"We are in the business of helping customers find the truth, we aren’t in the business of modifying the truth," the company wrote.
Another question acknowledges that the company's policy of e-mailing users whenever someone searches their e-mail is a little creepy.
"Whether it was a self-check or not, we feel people have a right to know that their data is now publicly available," the company wrote. To skeptics, though, it seems more like cashing in on a good opportunity for marketing. Trustify readily admits that because of the hack, business is booming. "Our daily caseload has increased 15x so far, and nearly every single new case since August 18 has been related to the Ashley Madison data," the company said in the post.
It seems all Trustify is doing is providing people access to information that's already public, for a fee, while advertising itself as a solution to panicked hack victims like Steve.
"At first I was hopeful," said Steve. "I thought someone could help me. But the information is already out there. I am going to live with the realization that my info is out there and it's only a matter of time before it is found."