Hackers post data of Ashley Madison clients

Relationships and reputations at risk after millions of e-mail addresses exposed in hack of adultery website

TORONTO • Love lives, marriages and reputations may be at risk after the release of customer data from infidelity website Ashley Madison, an unprecedented breach of privacy likely to rattle users' attitudes towards the Internet.

Hackers have dumped a big cache of data containing millions of e-mail addresses, the latest cyber attack to raise concerns about Internet security and data protection.

US government officials, British civil servants and bankers, United Nations peacekeepers, high-level executives at European and North America corporations and even Vatican staff were outed, reports said.

The hacker attack on Tuesday is a big blow to the Toronto-based assignation website firm Avid Life Media, which owns Ashley Madison. It has indefinitely postponed the adultery site's IPO plans.

"Find yourself in here?" said the hacking group, which calls itself the Impact Team, in a statement alongside the data dump. "It was (Avid Life Media) that failed you and lied to you. Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you'll get over it."

  • Dark Web's special feature is anonymity

  • WASHINGTON • Hackers who stole customer data from the website Ashley Madison, which promotes infidelity, have posted the information on the dark Web, a largely hidden part of the Internet accessible through special browsers only.

    "The information on the dark Web is for people who know how to dig and forage and use it, for good or bad," Mr John Proctor, vice-president of global cybersecurity at CGI, told The Globe and Mail newspaper.

    The special feature of this trove of information, which is said to be more vast than the regular Web, is that everything is done anonymously.

    "The only way to access it is through browsers that let you surf and host content anonymously," said Mr Eric Jardine, a global security research fellow at the Centre for International Governance Innovation.

    The Ashley Madison hack is not the first time that the dark Web has made it into the news.

    The most prominent case to have come out of it has been the busting of Silk Road, the illegal drug marketplace operating for two years before the FBI shut it down in 2013 and arrested the online site's founder Ross Ulbricht. He was was sentenced to life in prison in May.

    The dark Web has also been associated with the infamous WikiLeaks, the classified media site, as well as bitcoins, said to be the Web's currency.

The data dump began to make good on the hackers' threat last month to leak nude photos, sexual fantasies, real names and credit card information of up to 37 million customers worldwide of Ashley Madison, which uses the slogan: "Life is short. Have an affair."

The hackers' move to identify members of the marital cheating website appeared aimed at maximum damage to the company, which also runs websites such as Cougarlife.com and EstablishedMen.com, causing public embarrassment to its members, rather than financial gain.

Avid Life Media CEO Noel Biderman, who set up the site with his wife Amanda, believes a hacker with ties to the site's technical services is the culprit behind the privacy breach, said The Daily Mail.

Most comments on the Internet expressed horror that people's identities were exposed and many were astonished people had apparently used their work e-mail addresses to sign up to the site. It is not clear how many of the clients are legitimate - users do not have to verify their e-mail when they sign up.

The public embarrassment and emotional toll are likely to be huge on unsuspecting people whose extra-marital affairs may have been exposed on the Web or even whose e-mails were used without their knowledge to sign up for the site.

A British parliamentarian whose e-mail address was included on the leaked list said it had been stolen and used without her knowledge, adding weight to the argument that inclusion does not necessarily implicate individuals.

Still, the privacy intrusion has likely given people a jolt, making them question the data they have stored on the Internet.

Security experts told The Daily Mail the data breach would not only end marriages but could also leave people open to blackmail.

Singapore's Media Development Authority banned the Ashley Madison site in November 2013, saying it constituted an attack on "family values and public morality".

A version of this article appeared in the print edition of The Straits Times on August 21, 2015, with the headline 'Hackers post data of Ashley Madison clients'. Print Edition | Subscribe