In 2015 there’s a dating website for everyone, even adulterers. Extramarital affair-facilitating website AshleyMadison.com seems to offer the perfect solution to that age old problem of how to cheat – mutual understanding between the participants, a lack of awkward office eye with the person you just screwed in the elevator, choice of illicit bedroom partners, and crucially, better security than saucy sexts stored in the iCloud. Because when do websites ever get hacked? Like, never, amiright?!
But now, disaster. All those cheaters have had their personal trust violated in the worst possible way. Their information has been leaked on the Deep Web – or so say the crusading hackers “Impact Team” who brought the website to a standstill.
Impact Team first threatened to leak the information in late July, where they ordered the parent company, Avid Life Media, to shut down Ashley Madison and Established Men; a hookup website that sets up wealthy men with women. The hackers threatened that if the site was not taken “offline permanently in all forms”, they would “release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails”.
The Ashley Madison logo says “Life is Short. Have an affair.” Photo: Ashley Madison
In a follow up statement posted on the AshleyMadison.com website, Impact Team wrote: “TIME’S UP! Avid Life Media has failed to take down Ashley Madison… We have explained the fraud, deceit and stupidity of ALM and their members. Now everyone gets to see their data.”
The information was released as a whopping 10GB compressed file on the Deep Web late last night, and has been shared prolifically on the Torrent (Deep Web encrypted network) sites since. According to Wired.co.uk, the database contains first and last names, addresses, e-mail addresses and partial credit card numbers of the 33m users, along with internal documents from the company. The hackers have also included details about users’ looks, ethnicity, sexual preferences and gender – which reveals an 80/14 per cent split between male and female users. To clarify – that’s 28m men and 5m women. Five per cent of users did not disclose their gender.
While Ashley Madison has been keen to denounce the leaked content as false, Dave Kennedy of TrustedSec said that the information dump: “appears to be legit. Very, very legit”. Independent cybercrime journalist Brian Krebs wrote:
I’m sure there are millions of AshleyMadison users who wish it weren’t so, but there is every indication this dump is the real deal.
— briankrebs (@briankrebs) August 19, 2015
But there’s some consolation for the jilted lovers who find the names and e-mails of their betrothed on the data leak. Ashley Madison does not require e-mail verification, which means anyone can sign up with someone else’s e-mail address as part of a scam, prank or fear for their own security. For example, CSO Online reported that there were over 15,000 .gov or .mil addresses in the database, but it’s pretty likely they’re not genuine. Even Tony Blair is supposedly found as a guilty party in the leak. Apply scepticism.
Avid Life Media has responded to the attack by releasing a statement, in which they claimed to be, “actively monitoring and investigating this situation to determine the validity of any information posted online and will continue to devote significant resources to this effort. Furthermore, we will continue to put forth substantial efforts into removing any information unlawfully released to the public, as well as continuing to operate our business”.