Ashley Madison, a Canadian-based extramarital affair website may be on the hook for a data breach that could affect over 37 million of its users.
The Group Responsible for the Ashley Madison Hack
According to KrebsOnSecurity.com, a group called the Impact Team claimed responsibility for hacking into the site and stealing sensitive user data, including credit cards, names, addresses, salary information and information containing users’ secret sexual fantasies.
The data breach occurred at Avid Life Media (ALM), the Toronto Based media company that owns AshlyMadison.com, as well as courgarlife.com and establishedmen.com.
The hack is believed to have impacted all three websites.
One of the main reasons for the data breach is the 19 dollar fee imposed by Ashley Madison to permanently remove a user’s profile from the site; according to the hacker group:
“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie…. Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”
The group has begun to publish users’ data, and has threatened to continue to publish more information until ALM shuts down AshleyMadison.com and establishedmen.com:
“Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails. The other websites may stay online.”
Avid Life Media’s CEO Noel Biderman confirmed the breach and stated that the company was “working diligently and feverishly” to delete any and all links released by the hacker group.
This data breach comes on the heals of the attack on Adult Friend Finder in which hackers obtained and exposed the confidential information of over 3 million subscribers.