A dating website that helps married people cheat has been hit by hackers who threatened to release information about millions of customers.
Ashley Madison, which uses the advertising slogan "Life is short. Have an affair," said Monday it had been attacked and some user data was stolen.
Brian Krebs, the blogger behind Krebs on Security, first reported the breach late on Sunday. Krebs said the hackers posted some data and were threatening to release all Ashley Madison's customer records if their demands were not met.
"We were recently made aware of an attempt by an unauthorized party to gain access to our systems," Avid Life Media, the parent company of Ashley Madison, said in a statement. The company said that while it had stringent security measure in place, they "have unfortunately not prevented this attack."
"At this time, we have been able to secure our sites, and close the unauthorized access points," company said. "We are working with law enforcement agencies, which are investigating this criminal act."
Ashley Madison is a dating website, with one important twist: Instead of connecting eligible singles, it caters to married people interested in having an affair. The site claims to have 37 million members, and has in the past bragged about its data security.
The site is an obvious target for hackers. After all, its databases have enormous potential for use in blackmail schemes.
The hackers -- or hacker, perhaps -- appear to be upset over the company's "full delete" service, which promises to completely erase a user's profile, and all associated data, for a $19 fee.
"Full Delete netted [Avid Life Media] $1.7 million in revenue in 2014. It's also a complete lie," the hackers were quoted as saying in a manifesto published by Krebs. "Users almost always pay with credit card; their purchase details are not removed as promised, and include real names and address, which is of course the most important information the users want removed."
The hackers called themselves the "Impact Team." If Ashley Madison is not taken offline, they have threatened to "release customer records, including profiles with all the customers' secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails."
In a later statement Monday, Avid Life Media said that it had hired "one of the world's top IT security teams" to work on the breach, and had successfully removed all posts by the hackers that contained user data. It gave no further details.
The hack follows a similar event in March, when more than 3.5 million people's sexual preferences, fetishes and secrets were exposed after dating site Adult FriendFinder was hacked.
Adult FriendFinder, which boasts 64 million members, claims to have "helped millions of people find traditional partners, swinger groups, threesomes, and a variety of other alternative partners."
Included in the exposed personal information are customers' email addresses, usernames, passwords, birthdays and zip codes, in addition to their sexual preferences.
Curious why the FriendFinder hack makes you mad but not Ashley Madison. Why the differentiation?
Because FriendFinder doesn't exist solely to help people have affairs and then erase the evidence. It's simply an explicit dating site and I don't have a problem with that in the least.
I want to be all WHATEVA about this but once again we learn that a large online database of sensitive information was not adequately protected. No one takes the internet seriously. It's 1992 up in this joint and I'm tired of it.
I want to be all WHATEVA about this but once again we learn that a large online database of sensitive information was not adequately protected. No one takes the internet seriously. It's 1992 up in this joint and I'm tired of it.
the giant running wang in your sig pic is making it really hard for me to take your post seriously
Post by omgzombies on Jul 20, 2015 11:27:03 GMT -5
If I had to check, he wouldn't be my SO
I might peruse the list to see there's anyone I know. But I'm also lazy, so there's a very good chance I won't bother. It seems like a lot of work to parse through 35 million people to find dirt on someone else's relationship when I don't really care that much.