Ashley Madison Leak: Searching Hacked Database By Name Or Email Is Easy, But Experts Warn It Could Be Dangerous

The Ashley Madison leak continues with new information added seemingly by the hour, but though the hacked database of users is easy to search by name or email, experts warn that checking the list could lead to big trouble.

Hackers gained access to user information for the dating site several weeks ago, threatening to make it public if the company didn’t meet their demands.

That database hit the web this week, with now two additional leaks giving even further information. Those who want to search the Ashley Madison database have a number of options, with several sites hosting the information, but experts warn that it considered stolen property and very likely illegal.

As USA Today explained, it could be dangerous for those who go poking around the leaked information.

“The Ashley Madison databases were initially only available via Tor browsers, or Internet browsers that allow users to access information without making visible their Internet addresses. Since being posted, the databases have also been shared via the file-sharing system BitTorrent. It’s a legitimate way to move large files around, but users who aren’t familiar with it, and with the Dark Web, could potentially expose themselves to malicious software without realizing it.

“If you know what you’re doing, it’s probably not dangerous. If you don’t, it could be,” said Jonathan Cran, vice president of operations at Bugcrowd, a San Francisco-based computer security company.

“There’s certainly a reputation amongst torrent sites that there’s more danger of being infected with malware or spyware,” said Cran.

Ashley Madison bills itself as a dating site for married people, encouraging infidelity. The site has come under fire for its lack of security and for its apparently fraudulent charges. The Verge noted that the site made millions of dollars off a $19 “full delete” option that didn’t actually get rid of user data.

Searching the Ashley Madison database itself is illegal, experts say, and roughly the equivalent of watching an illegally pirated movie. But like those who watch movies online, people trying to see if they know anyone signed up for the Ashley Madison site are unlikely to be targeted.

Still, the threat of possible malware or even charges isn’t stopping people from searching the Ashley Madison database. Some of the sites available to search it — including Trustify, Cynic.al, and Have I been pwned? — are so overrun with users that they are very slow to respond.

[Picture by Adam Berry/Getty Images]