Personal data believed to have been stolen from the adultery website Ashley Madison has been posted on the dark Web, apparently exposing names, email addresses, phone numbers and passwords for some of the website’s 37 million members, among other information.
The data dump comes one month after the website’s parent company, Avid Life Media, confirmed a “criminal intrusion” into its system. The website connects people looking to have an extramarital affair.
Who Can See the Data
The database of private information was posted to the dark Web, a corner of the Internet difficult to reach without some Web savvy. The bottom line: While personal information has been breached, it would take skill for someone to find a specific person to confirm his or her interest in cheating.
It’s also important to note that Ashley Madison users aren’t required to verify their email addresses, meaning some found in the dump may have been hijacked by Ashley Madison users seeking to keep their own email addresses off their accounts.
How to Know If Your Information Was Compromised
A website called “Have I Been Pwned” allows concerned users to enter their email address. They’ll then have to respond to a verification email before the website lets them know whether their email address, along with potentially other private information, may have been included in the data dump.
Why the Hacker or Hackers Did It
Going by the name “The Impact Team,” the hacker or hackers said the breach was spurred by a disagreement with Avid Life Media’s business practices, specifically a “full delete” feature. For $19, the company allows repentant cheaters to scrub their information from the website.
“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie,” the Impact Team wrote after the hack last month. “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”
Business practices aside, the hacker or hackers also had another message:
“Too bad for those men, they’re cheating dirtbags and deserve no such discretion…Too bad for ALM, you promised secrecy but didn’t deliver.”
How Ashley Madison Is Responding
A statement posted on Avid Life Media’s website said “this event is not an act of hacktivism, it is an act of criminality.”
“It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities. The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society.
“We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world. We are continuing to fully cooperate with law enforcement to seek to hold the guilty parties accountable to the strictest measures of the law,” the statement said.