The next couple of days is going to be very interesting for cheaters and divorce lawyers alike. AshleyMadison.com (AM), an online dating website for individuals who wish to have an affair, has fallen victim to a data breach. A hacker team known as the “Impact Group” carried out the breach. The hackers have been releasing data periodically containing users names, credit card transactions and have threatened to release more until their demands are met.
The hack happened in AM’s parent firm Avid Life Media (ALM). Little is known about how the hackers managed to get inside AM’s database. The file dump was stripped of identifying metadata and posted on the deep web using the TOR browser. ALM Chief Executive Noel Biderman confirmed that a data breach has happened and are conducting an investigation with relevant authorities. In the following message, the hacking group demanded that AM owners take down their site Ashleymadison.com and their affiliated site Establishedmen.com.
“We are the Impact Team. We have hacked them completely, taking over their entire office and production domains and thousands of systems, and over the past few years have taken all customers information databases, complete source code repositories, financial records, documentation, and emails, as we prove here, And it was easy. For a company whose main promise is secrecy, it’s like you didn’t even try, like you thought you had never pissed anyone off.”
Security analysts were able to retrieve a PGP key (Figure 2) from the original data dump and confirmed that the subsequent data dumps are from the hacker group. Birdman believes that it is possible that someone with inside access to ALM’s database is responsible for the leak. On an interview with technology site Motherboard, Impact Group states they have over 300gb of user data including messaging and pictures. The group also points out at how little security the site has. The spokesperson commented how they tried their best to make an untraceable attack only to find no security.
The fallout from the AM hack has been affecting millions of user. Many of the email addresses retrieved are registered on governmental or academic organizations. The information retrieved includes names, addresses, credit card transactions, pictures and messages. Numerous accounts have appeared on the web from users who have been affected by the breach. One of the higher profile cases is of Josh Duggar, former cast member of the show “19 Kids and Counting”. Another user, Donald Bradshaw, committed suicide following the release of his information. The hacker group stated it will continue to release information while AM is still running. As of now, the website is still up and running bringing great despair to its users.