Sextortion emails are nothing new, nor is the idea of utilizing the Ashley Madison breach to do so. Following the Ashley Madison breach, there was a significant increase in sextortion attempts as the breach compromised so much personal data of an “adult” nature. If the Ashley Madison breach is being used as the data source behind the recent sextortion scheme, as it is currently assessed, the risk to businesses and government organizations of falling into the crosshairs of this campaign is elevated. The Ashley Madison breach contained a significantly large number of corporate and “.gov” email addresses. This particular scheme seems to be focused more on extorting a quick cash payment from individual victims, rather than threatening companies. Shortly after the release of the Ashley Madison data, many of the compromised corporate emails saw an increase in emails requesting the victims to click a malicious link or risk having their information from the site sent to friends and family members. The victim of this scheme who has spoken publicly has stated that they chose to not pay the ransom because the actors had such poor data to back up their claims and as they expected, the victim saw no follow-up activity from the sextortionist. This means that they likely had little more than an email obtained from the Ashley Madison breach and hoped the victim’s fear would be enough to force payment. More information on this incident can be found at https://www.zdnet.com/article/new-sextortion-threat-making-the-rounds/