Hackers calling themselves “The Impact Team” announced on July 15th that it has compromised the extramarital affair site AshleyMadison.com, and companion sites Cougar Life and Established Men, including absconding with up to 37 million users’ financial records. The sites promised that for an extra $19.99, users could completely remove their site usage history and personally identifiable information from the site, but the hackers stated that users’ real names and addresses aren’t scrubbed and have been compromised. The hackers proved the point by releasing some of the users’ data online and announcing. “[F]ull Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie. Users almost always pay with a credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.” The hackers further demanded that Ashley Madison and Established Men be taken off line permanently, or “we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails…with over 37 million members, mostly from the US and Canada, a significant percentage of the population is about to have a very bad day, including many rich and powerful people.” 37 million very nervous users. But really, why would anyone think their information can be kept safe in these times?
The parent company of the Ashley Madison site has confirmed the intrusion, calling it a “criminal act.” It has issued a statement indicating that it is investigating the intrusion, and working with forensic experts and law enforcement. Early reports surmise that a culprit was either an employee or a contractor. It acknowledged the breach, but stated “[A]t this time, we have been able to secure our sites, and close the unauthorized access points.” But 37 million users, who have used sites touted to assist with extramarital affairs, alleged prostitution, cougar dating, gay dating, swapping for swingers, and overweight dating have had their data compromised. Ouch.