Ashley Madison is an online dating website that helps married people cheat on their spouses. It’s making headlines not only for its controversial purpose, but for an apparent cyber-attack. A group of online anonymous hackers, going by the name Impact Team, is threatening to release personal information about the site’s 37 million users.
The tagline for Ashley Madison is “Life is Short. Have An Affair.” The controversial online dating service has been advertised on television, radio, and on billboards. The online dating service, which was originally founded on confidentiality and privacy among cheaters, is now in danger of having people’s personal information released. The hackers are threatening to release records of the adulterers unless Ashley Madison goes down for good. The alleged hackers also included a list of demands that the company must meet.
Ashley Madison launched in 2001. The site was created from the two popular names “Ashley” and “Madison.” The site has one goal: to help married people “find someone” to cheat with. Ashley Madison claims that they “GUARANTEE that you will successfully find what you’re looking for or we’ll give you your money back.” However, the fine print states that users must purchase the most expensive package, send “priority” messages to 18 different members for the next three months, send 5 Ashley Madison gifts per month, and engage in 60 minutes of paid chat each month. Some members noticed how difficult that can be, especially if they can’t find someone they’re interested in.
Ashley Madison’s online dating model is more based on credits rather than monthly subscriptions. The man in the conversation must pay credits to begin the conversation. Any follow-up messages between the two are free after the communication has begun. Ashley Madison also issued a real time chat feature that’s metered by minutes. Users must purchase credits to pay for a certain amount of chat time.
The Impact Team left a long message about their intentions. The text of the statement is NSFW, and accessible at Krebs on Security‘s post.
There are ways to escape being exposed on Ashley Madison, although it’s difficult and next to impossible. Unless users know how to opt out of the “Ashley’s Angels” feature, the site’s Terms and Conditions state that only guest users can delete their accounts. The site also charges paid subscribers to delete their accounts, although the accounts can be hidden for free.
But with all things, there is a loophole. It turns out that Ashley Madison’s delete option doesn’t really work. Impact Team released a statement claiming that the site’s “Full Delete” option doesn’t work. For $19, users can have their information erased from the website. According to the hackers, Ashley Madison doesn’t erase this information, which is part of the leak threat.
The company insists that Ashley Madison has a high level security. In wake of the hack, the company released a statement admitting its mistake.
“We were recently made aware of an attempt by an unauthorized party to gain access to our systems. We immediately launched a thorough investigation utilizing leading forensics experts and other security professionals to determine the origin, nature, and scope of this incident.We apologize for this unprovoked and criminal intrusion into our customers’ information. The current business world has proven to be one in which no company’s online assets are safe from cyber-vandalism, with Avid Life Media being only the latest among many companies to have been attacked, despite investing in the latest privacy and security technologies.
We have always had the confidentiality of our customers’ information foremost in our minds, and have had stringent security measures in place, including working with leading IT vendors from around the world. As other companies have experienced, these security measures have unfortunately not prevented this attack to our system.At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act. Any and all parties responsible for this act of cyber–terrorism will be held responsible.
Avid Life Media has the utmost confidence in its business, and with the support of leading experts in IT security, including Joel Eriksson, CTO, Cycura, we will continue to be a leader in the services we provide. I have worked with leading companies around the world to secure their businesses. I have no doubt, based on the work I and my company are doing, Avid Life Media will continue to be a strong, secure business.”
This isn’t the first time that a controversial online dating site has become the subject of a hacking. Back in May, 2015, it was reported that adult sex site Adult Friend Finder suffered a hack that compromised over 3.5 million user accounts, which included detailed information about their fetishes and sexual fantasies.
This could be the worst data breach in recent history. Not only will the hackers release detailed personal information, but it will expose many of the adulterers who use Ashley Madison.
[Image: Sean Gallup / Getty Images]