Ashley Madison hacked: Users details dumped online
Impact Team has followed through on its threats to expose the personal information of an estimated 37 million cheaters.
The personal information of millions of potential cheaters has been leaked online, after hackers who attacked the ‘discreet affair’ website Ashley Madison followed through on their threats.
Web site Ashley Madison, a place for ‘married men and women’ to pursue affairs and cheat, was hacked last month by a group identifying itself as Impact Team.
The hackers gained access to personal data of approximately 37 million previously anonymous users, threatening to release it all unless parent company Avid Life Media took the site and its sister enterprise Established Men down.
Ashley Madison and Established Men remained online and Impact Team has now followed through, posting a torrent file online which reportedly contains the information of more than 30 million user accounts.
A searchable database has also been built, allowing anyone — spouses or otherwise — to search for people by name or email address, which then returns information about sexual preference, contact details, body type, and fetishes.
The information dump also reportedly includes credit card information.
“Avid Life Media has failed to take down Ashley Madison and Established Men,” the hacking group Impact Team said in a statement in the dump.
“We have explained the fraud, deceit, and stupidity of ALM (Avid Life Media) and their members. Now everyone gets to see their data,” it said.
The team also had a message for any victims of their attack.
“Find yourself in here?,” the group asked.
“It was ALM that failed you and lied to you. Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you’ll get over it.”
The group also claimed most female profiles on the site are fake.
“Find someone you know in here? Keep in mind the site is a scam with thousands of fake female profiles,” the group said.
“See Ashley madison fake profile lawsuit; 90-95% of actual users are male. Chances are your man signed up on the world’s biggest affair site, but never had one. He just tried to. If that distinction matters.
Wired is reporting that the user passwords are encrypted with a bcrypt algorithm, suggesting at least some form of security on Ashley Madison’s part but Robert Graham, CEO of Erratasec, told Wired that “hackers are still likely to be able to ‘crack’ many of these hashes in order to discover the account holder’s original password.”
The attack was first revealed in July by online security news website KrebsOnSecurity, which said the group hacked the site in response to a profile-erasure service offered by Avid Life Media for $US19.
The hackers claimed the company made $US1.7m in revenue last year from that service which they said doesn’t actually erase personal information.
Why that Valentine’s Day gift might head back to the shop
Australians returned more than $11m in gifts, or 88,600 items, in the fortnight after Christmas and it could be down to people cashing in what they can to make ends meet, a data collector says.
CEO still MIA as Richard White is back with a vengeance
WiseTech says it is progressing with its search for a new chief, as Richard White wastes no time settling into his new $1m a year consulting role at the company he took some brief leave from.