[gwern]

> You know how the blockchain works, right?

You apparently don't. Payments do not in themselves offer any risk whatsoever when the payments are made to a brand-new address (which is so obvious and basic a point of secure Bitcoin use I didn't need to mention it); these payments to the blackmailer can then be mixed in numerous ways at varying costs and levels of efficacy - Coinjoin, a large DNM, a web wallet, an exchange (either to just gradually withdraw, or sell outright into another cryptocoin & then sell that cryptocoin at a different exchange, particularly one of the cryptocoins with built-in anonymity features), sent to stealth addresses, etc etc. The pseudonymity of this does not affect the mechanism of turning a lump sum into a stream of payments: the payments can be safely made with reasonable levels of transaction costs, and thus the blackmailed and blackmailers can transact safely and keep the data private or not, with neither side being ripped off for more than one payment.

> The hackers are rationally incentivized to maximize their returns, and that includes selling the data to the highest bidder before the price depreciates. That means that Ashley Madison would need to beat the highest bidder each month, without knowing if the other bidders are even real.

If the hackers are bluffing, then AM can always call their bluff. If AM is not confident they are bluffing, then they will simply pay up to the value of keeping the data secret. Where's the problem here? Again, why does a stream of payments fail where lump sums would succeed?