Attention, 37 million users of the notorious affair website Ashley Madison: time to start sweating. According to a report from Ars Technica, the personal data pilfered during the hack is now available online, released as a BitTorrent file earlier today.
According to the report, a 10GB file chock full of personal data — emails, member profiles, transaction data and the like — is now available though neatly searchable documents. Those who executed the attack, a group of hackers named The Impact Team, released the data after Avid Life Media, which owns Ashley Madison, failed to take down Ashley Madison and related sugar daddy site Established Men as requested (the sugar mama equivalent in ALM’s arsenal, Cougar Life, was not named in Impact Team’s request).
Europe, are you ready?
TNW Conference is back for its 12th year. Reserve your 2-for-1 ticket voucher now.
Impact Team warns that some of the data could be falsified, especially data about women:
Find someone you know in here? Keep in mind the site is a scam with thousands of fake female profiles. See Ashley Madison fake profile lawsuit; 90-95% of actual users are male. Chances are your man signed up on the world's biggest affair site, but never had one. He just tried to. If that distinction matters.
But that hasn’t made the identities of those going through the hack any less interesting.
Wait, am I getting these numbers right – Re: Ashley Madison – 15,000 gov / mil addresses? I’m at like 14,900+ anyone confirm?
— Steve Ragan (@SteveD3) August 18, 2015
One of the most damaging aspects of the Impact Team’s hack is that the group apparently nabbed personal information of users who had paid $19 to delete all of their user data on the site. While users ponied up to ensure their partners never caught wind of their attempts to cheat, successful or otherwise, ALM apparently kept that user data locked within its servers. The feature brought ALM $1.7 million in revenue, but Impact Team believes it did not work as advertised.
The credit card data involved in the hack as been confirmed as real, according to PasswordsCon founder Per Thorshim:
— Per Thorsheim (@thorsheim) August 18, 2015
The fallout for ALM and Ashley Madison has already been severe: seeking an IPO as recently as April of this year, the hack has been an embarrassing moment that seems to have halted that process. Will the adulterers ever recover?