Hackers who threatened to release sensitive data about millions of cheating website users last month, appear to have kept their promise.
The hackers had threatened that if the Ashley Madison owner refused to take the site offline permanently, they would go ahead and leak the sensitive customer information.
The detailed data may put Washington, D.C., on edge. The nation’s capital apparently has the highest rate of membership for the site of any city. The Hill reports that more than 15,000 of the email addresses used to register accounts were hosted on government and military servers.
There is also around 150 UK Government email addresses included in the data dump!
On Tuesday a data dump of 9.7 gigabytes in size, was posted to the dark web by the Impact Team group who claim to be behind the hack.
According to wired: The files appear to include account details and log-ins for some 32 million users of the social networking site, touted as the premier site for married individuals seeking partners for affairs. Seven years worth of credit card and other payment transaction details are also part of the dump, going back to 2007. The data, which amounts to millions of payment transactions, includes names, street address, email address and amount paid, but not credit card numbers; instead it includes four digits for each transaction that may be the last four digits of the credit card or simply a transaction ID unique to each charge. AshleyMadison.com claimed to have nearly 40 million users at the time of the breach about a month ago, all apparently in the market for clandestine hookups.
Even though the leaked data did not include full credit card details or billing information, the hack is still a major embarrassment to Avid Life Media Inc., which owns the site, and the 38 million users whose private data was exposed.
The passwords released are hashed, but, according to Wired, hackers may still eventually crack the easier ones allowing them to gain access to user’s private correspondence if the account is still online.
In the introduction to the leak the impact team wrote: “Time’s up!” referencing the decision by Avid Life Media to keep the website online.
As RT point out: Although it is unknown how much of the personal data is legit, given that people seeking an affair would likely fill out a profile with fake details, the hack is still expected to result in massive public outcry and embarrassment.
Online security analysts and social media users scanning through the leaked database have, for example, already noticed an email address which appears to belong to former UK PM Tony Blair, but since the affair website does not require email address verification some noted that anyone could have used it to set up a fake account.
Avid Life Media have condemned the release of the data saying that The Royal Canadian Mounted Police, the Ontario Provincial Police and the FBI are investigating the hack
“This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities,” ALM said in a statement. “The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society. We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world.”
Whatever the outcome, it looks like a lot of divorce lawyers are about to get very busy.