Ashley Madison, which uses the advertising slogan
"Life is short. Have an affair," said Monday it had been attacked and
some user data was stolen.
So far, though, it isn't easy to find the
exposed cheaters online. That could change soon if the hackers decide to
publish the information on a public website.
Brian Krebs, the blogger who first reported the breach, said the hackers were threatening to release all Ashley Madison's customer records if the website isn't shut down.
The hackers called themselves the "Impact Team," and the potential
release includes "profiles with all the customers' secret sexual
fantasies and matching credit card transactions, real names and
addresses, and employee documents and emails."
In a statement,
Avid Life Media, the parent company, said: "At this time, we have been
able to secure our sites, and close the unauthorized access points. We
are working with law enforcement agencies, which are investigating this
Ashley Madison is a dating website, with one important twist: Instead
of connecting eligible singles, it caters to married people interested
in having an affair. The site claims to have 37 million members, and has
in the past bragged about its data security.
The site is an obvious target for hackers. After all, its databases have enormous potential for use in blackmail schemes.
The hackers -- or hacker, perhaps -- appear to be upset over the
company's "full delete" service, which promises to completely erase a
user's profile, and all associated data, for a $19 fee.
Delete netted [Avid Life Media] $1.7 million in revenue in 2014. It's
also a complete lie," the hackers were quoted as saying in a manifesto
published by Krebs. "Users almost always pay with credit card; their
purchase details are not removed as promised, and include real names and
address, which is of course the most important information the users
On Monday afternoon, the company defended the service, and also said it would make it free.
Avid Life Media also said that it had hired "one of the world's top IT security teams" to work on the breach.
The hack follows a similar event in March, when more than 3.5 million
people's sexual preferences, fetishes and secrets were exposed after dating site Adult FriendFinder was hacked.
Adult FriendFinder, which boasts 64 million members, claims to have
"helped millions of people find traditional partners, swinger groups,
threesomes, and a variety of other alternative partners."
Included in the exposed personal information are customers' email
addresses, usernames, passwords, birthdays and zip codes, in addition to
their sexual preferences.