Personal data for millions of users of Ashley Madison, the adult dating website that was revealed last month to have been targeted by computer hackers, has been published online.
A trove of files — purportedly including user account credentials, billing records and sexual fetishes for some 37 million customers of the infidelity site — began circulating online Tuesday in the form of a massive, 10-gigabyte torrent.
Ashley Madison’s parent company, Avid Life Media, has condemned the release as criminal. Brian Krebs, the cybersecurity journalist who first reported on the breach last month, said Tuesday that he had identified “three vouched sources who all have reported finding their information and last four digits of their credit card numbers in the leaked database.”
Hackers calling themselves the Impact Team said in mid-July that they had breached the network of Avid Life Media and would post stolen information online in 30 days unless Ashley Madison and a sister site were taken offline.
“Avid Life Media has failed to take down Ashley Madison and Established Men,” Impact Team wrote in a statement published alongside the dump this week. “We have explained the fraud, deceit and stupidity of ALM and their members. Now everyone gets to see their data.”
The hackers said at the time that they had targeted the site to expose its users, but also to counter Ashley Madison’s claims that its user records were sufficiently protected. Ashley Madison had offered users a commercial service in which customers could pay to have their account data supposedly expunged, but the leaked cache reportedly contains evidence that suggests otherwise.
“Find yourself in here? It was ALM that failed you and lied to you. Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you’ll get over it,” the hackers said this week.
Ashley Madison’s tagline is “Life is short. Have an affair.” The site was launched in 2001 in Canada and averaged roughly 75 million hits a month this year, according to SimilarWeb, an online analytics firms.
In a statement this week on the data dump, ALM said: “This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities.
“The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror and executioner, seeing fit to impose a personal notion of virtue on all of society. We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world,” the company said.