The news isn’t good for the 36 million members of Ashley Madison, the website that puts cheating spouses in touch with one another. Hackers who last month stole the personal details of the site’s members said Tuesday they’d dumped all the data online.
The hack, which came to light on July 19, hit the databases of Ashley Madison operator Avid Life Media (ALM), and also affected another ALM site called Established Men, which puts women in touch with wealthy men.
The stolen data, all 9.7 gigabytes of it, contains not only members’ login details, email addresses and credit card information, but also intimate details of their sexual preferences and fantasies.
The data was dumped on the dark Web and is currently only accessible using the specialized Tor browser. However, when the information goes mainstream, as it surely will, it could make for some awkward conversations in homes around the world – and that’s aside from the headache of potential credit card fraud.
According to Wired, which first spotted the dump, the data, stolen by a group calling itself Impact Team, goes back eight years and includes details of millions of transactions. The news outlet noted that while a sampling of the posted information suggests some members provided fake numbers and addresses, “files containing credit card transactions will yield real names and addresses, unless members of the site used anonymous pre-paid cards.”
“Fraud, deceit and stupidity”
Impact Team had threatened to put all the stolen data online unless Toronto-based ALM took down the Ashley Madison and Established Men sites.
The group said it was prompted to hack the site because it was angered by the “fraud, deceit and stupidity of ALM and their members.” It criticized the apparent dishonesty of AshleyMadison’s “full delete” feature that promises to entirely remove all data linked to a profile for a fee of $19. Impact Team called this a “complete lie,” claiming former members’ information was retained by the site’s operator. Ashley Madison denied Impact Team’s claim.
“Too bad for those men, they’re cheating dirtbags and deserve no such discretion,” Impact Team wrote in July. “Too bad for ALM, you promised secrecy but didn’t deliver.”
In a statement accompanying Tuesday’s data dump, the hackers said ALM had failed to take down Ashley Madison and Established Men, so “now everyone gets to see their data.”
It added, “Keep in mind the site is a scam with thousands of fake female profiles. See ashley madison fake profile lawsuit; 90-95% of actual users are male. Chances are your man signed up on the world’s biggest affair site, but never had one. He just tried to. If that distinction matters.”
Since the hack, ALM has assured its members it’s tightened security for its sites, though of course for former and current members such news provided very little comfort.
ALM is yet to respond to Tuesday’s development, though when news of the hack broke last month it promised that “any and all parties responsible for this act of cyber–terrorism will be held responsible.”
- Hackers target major airline in data breach affecting nearly 10M customers
- Data stolen from HealthCare.gov includes partial SSNs and immigration status
- Was your Facebook account hacked in the latest breach? Here’s how to find out
- Newegg was cracked, customer data has leaked, and security is clearly scrambled
- The best shows on Netflix right now (December 2018)