Hackers who attacked the website AshleyMadison.com last month finally followed through on their threat to release a huge amount of customer data. Yesterday, hackers published 9.7 gigabytes of data on the “dark web” that is only accessible using a special browser.
Already, however, the data has made its way onto the regular Internet.
The data dump came after the owner of Ashley Madison, Avid Life Media, failed to adhere to the hackers’ demands to remove AshleyMadison.com and EstablishedMen.com from the web.
The information published by the hackers, who refer to themselves as the Impact Team, include various account details for approximately 32 million users of the dating site whose slogan is “Life is Short. Have an Affair.”
Seven years of credit card and payment transactions are included in the data dump including names, addresses, email addresses and amounts paid by the user. While it does not include credit card numbers, it does include four digits for each purchase which may or may not be the last four digits of a user’s credit card.
It is unclear if users provided legitimate details when they signed up for the website, but it is likely that the names and addresses are real when related to the credit card transactions.
AshleyMadison.com touts on its website that, “Ashley Madison is the most famous name in infidelity and married dating. Have an Affair today on Ashley Madison. Thousands of cheating wives and cheating husbands sign up everyday looking for an affair . . . With Our affair guarantee package we guarantee you will find the perfect affair partner.”
The Impact Team warned last month, after it hacked into the system and stole the data, that it would do this exact type of data dump if Avid Life Media did not take down two of its websites. Avid Life Media refused, and the data release occurred. Following the initial breach, the hackers stated clearly that, “Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails.” To prove they were serious, they released snippets of information in July.
The hackers appeared to target the company on moral grounds and the belief that the company was engaged in unfair business practices.They pointed out, “Too bad for those men, they’re cheating dirtbags and deserve no such discretion . . . Too bad for [Avid Life Media], you promised secrecy but didn’t deliver.”
Following the initial breach, Avid Life Media assured customers that they had things under control and that they instituted new security measures. They also refused to take down the websites. Unfortunately, that was too little too late for those whose data had already been stolen. Avid Life Media apparently took a gamble and lost. Badly.