Hackers have swindled the online dating site for cheaters — and its two-timing subscribers could soon be exposed. One wonders if it is connected to the earlier ‘AdultFriendFinder’ hack and leak This year.
A hacking group swiped mounds of data from Ashley Madison, the hookup service for adulterers, and is threating to leak users’ personal data, according to cybersecurity expert Bryan Krebs.
The intruders, who call themselves “The Impact Team,” claim to have completely compromised all of Ashley Madison’s records, stealing the information of 37 million affair-seeking subscribers.
The team immediately posted some of the pilfered records, which included users’ real names, contact information and financial data. The group — furious that Ashley Madison’s promised full-delete function allegedly does not scrub data — threatened to release more sensitive records if its demands were not met.
The hackers ordered Ashley Madison’s owner, Avid Life Media, to take down the adultery-promoting site, as well as its sister service Established Men, which “connects young, beautiful women with successful men.
If the Toronto-based company fails to take the sites offline, the vigilante collective “will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails,” the group warned.
Ashley Madison, which operates under the slogan “Life is short. Have an affair,” allows married users to anonymously find an adulterous partner. For $19, customers can fully delete their profiles and histories — but the hackers claim the information is never truly removed from the site’s records.
“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie,” the hacking group wrote. “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”
Avid Life Media said it was working to take down information that had already been leaked, but it did not specify which of its sites had been affected.
“We apologize for this unprovoked and criminal intrusion into our customers’ information,” the firm said in a statement. “At this time, we have been able to secure our sites and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act.”