TECH
07/20/2015 05:12 am ET Updated Aug 03, 2015

Cheating Website AshleyMadison.com Hacked; 37 Million Users Now Vulnerable

Group also vows to publicly release customer information for hookup site EstablishedMen.com unless both sites are taken down.

Hackers have threatened to expose the identities and sensitive information of millions of AshleyMadison.com users unless the online cheating site shutters its doors.

AshleyMadison.com (tagline: “Life is short. Have an affair”) boasts more than 37.5 million users worldwide. On Sunday, the hookup site’s owner, the Toronto-based Avid Life Media, confirmed that data had been stolen from the company, including user databases, financial records and other proprietary information.

Krebs On Security, a blog run by former Washington Post cybercrime reporter Brian Krebs, said the hackers have already leaked some of this information online, and vow to continue to do so unless Avid Life Media -- which also runs the hookup site EstablishedMen.com -- takes both sites down. 

“Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails,” the hackers, who call themselves “The Impact Team” said. 

The hackers explained that they decided to target Avid Life Media because the firm has allegedly been lying to customers with their “Full Delete” feature on AshleyMadison.com. The site gives customers the option to delete their profile and usage history for a $19 fee. However, the hackers claim that while a customer’s profile information is removed, their credit card details remain online. 

“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie,” the hackers wrote. “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”

In its ultimatum to Avid Life Media, the hackers promised to publicly release the data and embarrass the company's customers.

“Too bad for those men, they’re cheating dirtbags and deserve no such discretion. Too bad for ALM, you promised secrecy but didn’t deliver,” they wrote, per Krebs On Security. “We’ve got the complete set of profiles in our [database] dumps, and we’ll release them soon if Ashley Madison stays online. And with over 37 million members, mostly from the US and Canada, a significant percentage of the population is about to have a very bad day, including many rich and powerful people.”

At press time, both AshleyMadison.com and EstablishedMen remain online.

Avid Life Media told Mashable that they have have managed to “secure” their sites and have since closed “the unauthorized access points.”

“We apologize for this unprovoked and criminal intrusion into our customers’ information," the company said. "We ... have had stringent security measures in place, including working with leading IT vendors from around the world. As other companies have experienced, these security measures have unfortunately not prevented this attack to our system. At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act.”

AshleyMadison.com was founded in 2001. According to the site, it is the “the most successful website for finding an affair and cheating partners … Thousands of cheating wives and cheating husbands sign up everyday looking for an affair.”

 

Also on HuffPost: 

PHOTO GALLERY
Anonymous Unmasked
CONVERSATIONS