It was a website created for those seeking lust and sin. Now the tables have been turned and the hackers are winning and those who sought sin in the past may be seeking a new place to sleep tonight.
A group of blackhat hackers stole AshleyMadison.com’s clients and threatened to leak the data if they were not paid in bitcoins. In the end the hackers made good on their threat to release the data if they were not paid and did so on August 18, 2015. The total data dump was 9.7 GB. The data was released on the dark web using an Onion address which for those familiar with Silk Road can only be viewed using a Tor browser.
“Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails,” The hackers wanted money and to expose ALM but they did not give in as the wrote the above message when posting the data yesterday.
The details of clients that were leaked included seven years of signups that included over 30 million users. There were names, street addresses, email addresses, the amount paid, and a unique transaction ID or the last 4 of their credit card information.
Anybody listed on the website was there for the purposes of having a clandestine hookup. “Have an Affair today on Ashley Madison. Thousands of cheating wives and cheating husbands signup everyday looking for an affair…. With Our affair guarantee package we guarantee you will find the perfect affair partner.”
An interesting fact out of the leaked data is that 15,000+ email addresses are government emails or military emails that end in .GOV or .MIL. Given the fall of general Petraeus with his Gmail scandal this comes as little to no surprise.
Data included on top of sensitive personal information and credit card billing data is the actual descriptions of what those who were unhappy at home were seeking. This includes those who posted details of being unhappy at home and looking for somebody to fill in their needs for a one night a week escape. One profile said “I’m not happy at home and need a man who can please me.”
Thats not to say that this profile was real as Ashley Madison has been called out for having 90-95% fake profiles on the female side with a 90% guy to girl ratio on the website. Now with this leak those numbers will come out as each profile is coded with an encryption key to showcase if it is a real profile or not.
Silver Lining in all of this?
Believe it or not they did protect the passwords of their members using BCYPT which is a strong form of hashing that has made it difficult for the hackers to crack the passwords as of today.
The biggest beneficiaries of this are Cyber Security Companies, Internet Defamation Attorneys, Reputation Companies that can remove data, and of course the biggest smiling beneficiaries of all of this are Divorce Attorneys.
Have you been affected by the Ashley Madison hacking scandal? If so leave your comment below on how this has affected you.