Online dating site Ashley Madison, which specialises in adultery and has the tagline “Life is short. Have an affair”, has been the victim of a cyber attack.
A group calling themselves The Impact Team claims it has complete access to Ashley Madison’s database of more than 37 million members, as well as financial records and other personal information that it is threatening to publish online unless the site closes.
The group has also compromised two other dating sites; Cougar Life and Established Men, that are owned by the same parent company; Avid Life Media (ALM).
Ashley Madison’s Canadian parent, Avid Life Media, confirmed the breach on its systems and said it had since secured its site and was working with law enforcement agencies to try to trace those behind the attack.
The hackers said in a statement: “Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails. The other websites may stay online.”
The hackers’ main issue with the controversial site appears to be a leavers’ fee that Ashley Madison charges users. The site offers a “full delete” of data for $15 should a user choose to leave the service permanently. Although it is possible to be anonymous on the site for free, the site says the delete service is the only way to completely remove data from their servers.
But The Impact Team has said this is a “complete lie”, and claims that details such as real name and address are never deleted — information the hackers suggest is likely to be “the most important” that users want removed.
In their own statement, ALM said: “We apologise for this unprovoked and criminal intrusion into our customers’ information. The current business world has proven to be one in which no company’s online assets are safe from cyber-vandalism, with Avid Life Media being only the latest among many companies to have been attacked, despite investing in the latest privacy and security technologies.
“At this time, we have been able to secure our sites, and close the unauthorised access points. We are working with law enforcement agencies, which are investigating this criminal act. Any and all parties responsible for this act of cyber-terrorism will be held responsible.”
In a 2012 study by online rights campaign group EFF, Ashley Madison was praised for the way it deleted data after a user closed their account.