19
Jul 15

Online Cheating Site AshleyMadison Hacked

Large caches of data stolen from online cheating site AshleyMadison.com have been posted online by an individual or group that claims to have completely compromised the company’s user databases, financial records and other proprietary information. The still-unfolding leak could be quite damaging to some 37 million users of the hookup service, whose slogan is “Life is short. Have an affair.”

ashleymadison

The data released by the hacker or hackers — which self-identify as The Impact Team — includes sensitive internal data stolen from Avid Life Media (ALM), the Toronto-based firm that owns AshleyMadison as well as related hookup sites Cougar Life and Established Men.

Reached by KrebsOnSecurity late Sunday evening, ALM Chief Executive Noel Biderman confirmed the hack, and said the company was “working diligently and feverishly” to take down ALM’s intellectual property. Indeed, in the short span of 30 minutes between that brief interview and the publication of this story, several of the Impact Team’s Web links were no longer responding.

“We’re not denying this happened,” Biderman said. “Like us or not, this is still a criminal act.”

Besides snippets of account data apparently sampled at random from among some 40 million users across ALM’s trio of properties, the hackers leaked maps of internal company servers, employee network account information, company bank account data and salary information.

The compromise comes less than two months after intruders stole and leaked online user data on millions of accounts from hookup site AdultFriendFinder.

In a long manifesto posted alongside the stolen ALM data, The Impact Team said it decided to publish the information in response to alleged lies ALM told its customers about a service that allows members to completely erase their profile information for a $19 fee.

According to the hackers, although the “full delete” feature that Ashley Madison advertises promises “removal of site usage history and personally identifiable information from the site,” users’ purchase details — including real name and address — aren’t actually scrubbed.

“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie,” the hacking group wrote. “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”

Their demands continue:

“Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails. The other websites may stay online.”

A snippet of the message left behind by the Impact Team.

A snippet of the message left behind by the Impact Team.

It’s unclear how much of the AshleyMadison user account data has been posted online. For now, it appears the hackers have published a relatively small percentage of AshleyMadison user account data and are planning to publish more for each day the company stays online.

“Too bad for those men, they’re cheating dirtbags and deserve no such discretion,” the hackers continued. “Too bad for ALM, you promised secrecy but didn’t deliver. We’ve got the complete set of profiles in our DB dumps, and we’ll release them soon if Ashley Madison stays online. And with over 37 million members, mostly from the US and Canada, a significant percentage of the population is about to have a very bad day, including many rich and powerful people.”

ALM CEO Biderman declined to discuss specifics of the company’s investigation, which he characterized as ongoing and fast-moving. But he did suggest that the incident may have been the work of someone who at least at one time had legitimate, inside access to the company’s networks — perhaps a former employee or contractor.

“We’re on the doorstep of [confirming] who we believe is the culprit, and unfortunately that may have triggered this mass publication,” Biderman said. “I’ve got their profile right in front of me, all their work credentials. It was definitely a person here that was not an employee but certainly had touched our technical services.”

As if to support this theory, the message left behind by the attackers gives something of a shout out to ALM’s director of security.

“Our one apology is to Mark Steele (Director of Security),” the manifesto reads. “You did everything you could, but nothing you could have done could have stopped this.”

Several of the leaked internal documents indicate ALM was hyper aware of the risks of a data breach. In a Microsoft Excel document that apparently served as a questionnaire for employees about challenges and risks facing the company, employees were asked “In what area would you hate to see something go wrong?”

Trevor Stokes, ALM’s chief technology officer, put his worst fears on the table: “Security,” he wrote. “I would hate to see our systems hacked and/or the leak of personal information.”

In the wake of the AdultFriendFinder breach, many wondered whether AshleyMadison would be next. As the Wall Street Journal noted in a May 2015 brief titled “Risky Business for AshleyMadison.com,” the company had voiced plans for an initial public offering in London later this year with the hope of raising as much as $200 million.

“Given the breach at AdultFriendFinder, investors will have to think of hack attacks as a risk factor,” the WSJ wrote. “And given its business’s reliance on confidentiality, prospective AshleyMadison investors should hope it has sufficiently, er, girded its loins.”

Update, 8:58 a.m. ET: ALM has released the following statement about this attack:

“We were recently made aware of an attempt by an unauthorized party to gain access to our systems. We immediately launched a thorough investigation utilizing leading forensics experts and other security professionals to determine the origin, nature, and scope of this incident.”

“We apologize for this unprovoked and criminal intrusion into our customers’ information. The current business world has proven to be one in which no company’s online assets are safe from cyber-vandalism, with Avid Life Media being only the latest among many companies to have been attacked, despite investing in the latest privacy and security technologies.”

“We have always had the confidentiality of our customers’ information foremost in our minds, and have had stringent security measures in place, including working with leading IT vendors from around the world. As other companies have experienced, these security measures have unfortunately not prevented this attack to our system.”

“At this time, we have been able to secure our sites, and close the unauthorized access points. We are working with law enforcement agencies, which are investigating this criminal act. Any and all parties responsible for this act of cyber–terrorism will be held responsible.”

“Avid Life Media has the utmost confidence in its business, and with the support of leading experts in IT security, including Joel Eriksson, CTO, Cycura, we will continue to be a leader in the services we provide. “I have worked with leading companies around the world to secure their businesses. I have no doubt, based on the work I and my company are doing, Avid Life Media will continue to be a strong, secure business,” Eriksson said.”

Tags: , , , , , ,

798 comments

  1. Great guys against injustice. They could help humanity against políticians as well.

  2. Anonymous bobby

    Omg! So much single mindedness here! No one is completely moral. So what if there is a site that enables people to cheat? Might as well burn down nightclubs, and poison the water coolers at the office….if someone wants to cheat, they’ll find a willing participant anywhere, including Facebook (try searching for “married but looking” groups sometime) The only thing worse than people committing “immoral” acts or making “immoral” decisions are the activists against them. But hey; let’s continue to judge. It provides for a lot of entertainment.

  3. Many of the people on AM are probably single.

    Looking forward to the day when guys who pull this crap get their tongues and eyes cut out.

  4. i am sorry please don’t release my details my left hand just didn’t seem to please me any more i needed something different and my right hand was right there looking as fine as ever i gave into my lust and fucked the shit out of it please don’t seperate us we need each other for special reasons wink wink

  5. The hackers have them by the balls…this company is so fucked. Ashley Madison is more then likely the bulk of their earnings. Never heard of the other sites TBH. No road other then finding these guys and seizing all stolen data before they put in some sort of contingency plan in place to release the data if they are caught .. which they probably did right away… they are screwed and will have to give in to the demands. Otherwise the data gets released and their integrity if forever ruined, along with many angry customers who will probably sue for one reason or another. Bankrupt .. sell those stocks boys.

    • its way too late to sell those stocks. Theyre worthless now.

    • Is it bad timing to try and capitalize on AM’s misfortune? The fact that they have 36 MM users proves that there is a demand.

      So – When I say check out The Tiki Hookup App – iOS: https://goo.gl/KnCm0P; Android: https://goo.gl/II964r – am I a sleazeball or an entrepreneur or maybe both?

      And by the way, we don’t collect or store personally identifiable information – we don’t want that burden.

      We make mobile hookups fun. Give it a try.

    • Nope. Very little info gets posted, and will be taken down quickly anyway. Very dangerous for the hackers. They will be caught, but not before selling the data, which is their original intent anyway.

  6. I just sent a interesting post, but it’s not here

  7. Here’s my post:

    Way to go IMPACT TEAM!!!!!!

    You did a lot of people in this world a huge favor. I think that the Impact team should just go ahead and release the whole shibang. I caught my soon to be ex-husband on a sugar daddy website. I will not name it here, as I did in my previous post and maybe that is why it is not here.

    My soon to be ex was offering “young university students and single mothers $3,000-$5,000 a month to have sex with him. Let me tell you that is more than I got when I was married to him for 20 years. He has no idea all of the evidence I have on him.

    He should have been smarter than to go on those sites on our home computer, What an idiot. I would not be surprised to find out that he was on Ashley Madison and Adult friend finders and all the rest of them as well.

    I for one am glad I know the truth that my husband was soliciting prostitution. It opened my eyes, let me tell you. I read his messages that he sent to other women and they made me sick. I am actually grateful that I found out so know I am suing him for every penny I can get. Good On Ya IMPACT TEAM!!!! Release everything in give all women a chance to find out the truth.

    • I am actually grateful that I found out so know I am suing him for every penny I can get”’

      well your a lovely person, cant just end the relationship and move on, you have to completely ruin the life of someone else.

      cheating is not good, but neither is a money whore, maybe he cheated on you because all you cared about is money.

      a relationship is two way, both parties are to blame.

    • yeah steal his hard earned money and cripple the poor bloke into debt and an early grave, you evil wench, you got cheated on these things happen in life

      • james
        July 22, 2015 at 10:01 am
        yeah steal his hard earned money and cripple the poor bloke into debt and an early grave, you evil wench, you got cheated on these things happen in life

        – – – – – –
        Shut the hell up, you idiot. As if you wouldn’t do the EXACT SAME THING if you found out your wife of 20 years was soliciting sex from other men. Seems like a fair enough punishment to me for ripping someone’s heart out and creating an extreme upheaval of their life. Speaking of which, you need one BAD!

        • Hegotwhathedeserved

          Nono.If you have no balls to work on your relationship and communicate with your spouse then you don’t deserve shit. don’t waste someones time because you don’t know what you want or your too much of a coward to ask for what you want from someone you promised to spend your life with.

      • “Wench?”

      • And if you found out your wife was using the site and if you’re not married how about someone else’s wife…what would you the call the man for wanting to exact his revenge…if one does not have the balls to leave their spouse and prefers infidelity to communication than that person should get everything coming to them…male or female.

        What if that “Evil Wench” as you call her is a stay at home with four kids and hubby controls all the money…what do you think she should do other than sue his ass for alimony and child support…seriously bud…you obviously haven’t thought this through…

        On another note…if it was your wife cheating on you what would you do if she passed on an STD to you she caught from someone else…what if..God forbid..she caught aids from one of her affairs and passed that on to you…would you still think you would just walk away.

        There is more here than just infidelity…there are some serous medical complications that can affect so many without their permission or knowledge that can do more than just ruin a relationship…it can kill you.

        Walking away from this issue is not the answer…you never know how it feels unless you have been on the receiving end…I seriously wonder what you would do if it were you being cheated on…the trust you would lose not only in your wife but in other women you may date in the future…how do you put a cost on the mental anguish and future trust or medical issues you may not be aware of now….

        Like a lot of people James you have not thought out anything except the “Evil Wench” will take you to the cleaners without thought of how many things can go wrong with a cheating spouse and the spouse he/she leaves behind…

    • <>

      Because you first made a monetary comparison, you must be comfortable with the results of this line of reasoning.

      And the results are that your services are not worth that money to him, and theirs are.

    • Also, this man-hating perspective is completely unjustified by data.

      For men to be adulterous, there must be as many women who are.

      For the sake of objectivity and intellectual honesty, sprinkle your shower of derogatory filth on them as well.

      • “For men to be adulterous, there must be as many women who are. ”

        This is the stupidest thing I’ve read today. Did you even think before you typed that?

      • The Ashley Madison data breach is much, much more threatening to men than women, because women don’t get charged to use the site. So, there is no need for women to give their “real names”, which men do in order to charge the membership to their credit cards.

        Most members are smart enough to use different email accounts that can’t be traced back to their real-world identity. It’s the credit card data that will ruin lives.

    • Wow, guess you were terrible at pleasing your husband. how sad.

    • Do you honestly think that website made your soon-to-be ex-husband cheat on you, kinda like guns kill people (as opposed to people kill people)

    • Your post made my day! Such a fair victory.

      I do congrat the success of those hackers; I was unaware until today that this kind of websites existed, and even, with million of users. Such indignity to make business with infidelity!

      I hope more stories like yours spread over the web, for is a sweet victory for the honest and the thruth itself.

    • Not just women. Remember that please.

    • Well put Kat! He deserves to be stripped of all his money and all possible sources of support — physical, emotional, financial, etc.! Grab every penny you can from this filthy, stinking, degenerate subhuman vermin scum and spread his vile name all over the world under the banner of “serial adulterer and hooker-fucker”! May he commit suicide from despair to show what a gutless turd he really is!

      • Startup Rockstar

        You obviously haven’t had two chicks at the same time. Everyone has their place in this world. They weren’t a good fit if he wanted an open relationship and she didn’t

        Next time you try to crucify someone, think about Jesus. And Hitler. They held themselves above people too. So what, we should crucify cheaters? Start a Salem witch hunt?

        Next time you want to sound like a pussy, I suggest you purr to a cat. Maybe they won’t be dumber for trying to listen.

    • Go for it Kat! No punishment is severe enough for adultery — not even an eternity in Seventh Hell!

      It is ESSENTIAL to throw this lying, thieving, hooker-fucking piece of trash to the wolves! He must have Seventh Hell on earth until he takes his dying breath, then Seventh Hell for all eternity in the next world with no chance at any further redemption! Anything different is a direct middle finger to G-d Himself!

    • money is all you need

      same old history…. woman want ex husband money… end

    • Sorry Kat, but the small amount of data that actually gets posted will be taken down quickly anyway. The hackers wiil just sell the credit card info and then will be caught soon after. But hey, thanks for playing.

  8. I cant believe the moral crusaders on here. Firstly the site customers are victims of the company’s ‘false deletion’ scam. Secondly, probably only 1% of people in the site are active users. Maybe less than 1% have actually met someone from there. Opening an account doesnt mean anything.

  9. If the organization was actually charging a fee to have the accounts deleted, or not doing it, they deserve to come down. I don’t care if they were charging users 20 cents to delete their accounts. Let alone what kind of business they’re in. I hope the Sugar Daddy sites are next or have been breached. What if hackers went against a child or human trafficking site or real terrorists? It depends on what you consider fight and wrong I guess.

    • I think that it has more to do with the fact that website owners like the ones that own Ashley Madison aren’t going to send someone to murder you in retaliation for your actions if they find out who you are. I doubt it is because hackers think cheaters are evil and deserve to go down more so than terrorists and human traffickers. It seems a lot more likely that the reasons are based in risk and level of difficulty.

  10. Let the fun begin !
    I hope it all gets leaked out !!!
    Shouldn’t of gave a warning ..
    I hear this site is so dirty if you hear your partner coming in the room you click a button in a corner or something and it brings you to a whole different site like a vacation page or something ….

    • “Shouldn’t of gave a warning.”

      You should have stayed in school.

    • Well Jessica, there is an old saying. It’s “The mind is a terrible thing to waste.” Apparently you didn’t get the memo. Pity.

  11. I find it laughable that most of these comments are targeted at men, the site has both men and women’s profiles. Both men and yes women can be cheaters folks. Honestly, in 2015 when we have so much media hype of letting stereotypes go some things don’t change.

    As for a breach in security, any hack no matter what site it happens to should be applauded. Tomorrow they could hack your daycare’s website because they don’t like private daycare and think it’s too expensive.

    Ashley Madison offers a service that is used by both genders, get off your moral clouds, and focus on the fact that when you put something on the Internet it isn’t yours anymore and has the potential to eventually be shared with millions.

    • I agree with your sentiment here. It’s both genders though men always get the focus on the stereotype. If hackers are applauded for this due to bogus moral ground, they may target other things that will affect those posting their “go hackers” drivel next and change their tune. Fact is that the company lied to customers regarding removing data which is a good thing to come to light. That should be the only thing to come to light and the company held accountable. The rest could easily be construed as innocent casualties.

    • FemaleAM-User

      Yes, there are plenty of female cheaters, but on Ashley Madison the ratio is at LEAST 70% men to 30% women.

      The men are the ones at risk here, because they have to use a real name to charge the membership to a credit card. For women, Ashley Madison membership is free, so they never collect your real name.

  12. Hey how about all the women on this site. Why just focus on the men. The site doesn’t exist without them.

    • This was addressed early on, but the message was buried in all the congratulatory posts for the hackers…

      It seems the vast majority of the women on the site get access for free and therefore there is no financial or credit-card information for them in the systems that were hacked.

      Also, without the need to verify credit cards, it’s easier for them to provide false information to protect themselves.

      Yes it’s a double standard, but that seems to be the way most if not all straight dating sites work. Obviously, gay dating sites don’t have this problem. 😉

    • I believe they’re what people usually refer to as feminazis. They believe only men cheat on women and if women cheat on men it’s because they had a good excuse to do so. They believe that without such a site, their husband would of never cheated on them, it’s all the site’s fault. Right Kat?

  13. Burn them down!

  14. Corey Beaulieu

    Have they determined whether DC/CC data has been exposed, yet? I’d be interested to see the corresponding CAMS alert in a few months :-0.

  15. This site is for men and women who are not happy at home but do not want to ruin lives of their children, lose their home …there are some that are just ass’s but others are looking for what is missing at home..for women, maybe a kind word, touching being loved…men..the same, sex. This has been going on for many years and keeping man made marriages together. Society has dictated we get married, originally why? For our assets…men had all the rights, this quickly morphed into what we were expected to do…. don’t judge others when you have not walked their path. The comment above is correct, what if someone decides daycare is too much…do we expose children’s information, what if someone doesn’t like what a store sells, do we expose that? These people will live with what they have done and the conseqences…so many people could be hurt here…not just the ones on line

    • Sally, that’s why businesses should take customers’ privacy seriously, but more important, they should be forced to make whole the damage they do when they harm customer assets when they have entered a contract to keep them safe…just good business to follow the offer you’ve made and taken money for and entered into as a contract. Period.

  16. RELEASE THEM ALL, HACKERS! Anyone stupid enough to trust their personal, intimate information with a site to help you commit adultery DESERVES to have their information exposed. By very nature, the site is 1) irresponsible and 2) deceptive. What is difficult about understanding this?

    If you’re going to get involved with adultery, the #1 priority is secrecy and discretion. Oh, but these folks are above that, you see. They can use this “new-tech” way to find a secret partner to schtoop! “All you dummies doing it the old way are just so lame!,” they said.

    ALL YOU PROPLE WHO LEFT YOUR PERSONAL INFORMATION ON ASHLEY MADISON: You deserve all the scorn, ridicule, broken relationships, loss of wealth, and all the other horrific things that will come to you when your information is released. Fools X 10.

    • You’re dead wrong, Ding Dong. Committing multiple felonies is never justified, regardless of your personal objections. The end.

  17. “Too bad for those men, they’re cheating dirtbags and deserve no such discretion,” the hackers continued.

    Cause, you know, women never cheat.

    • Yes, and woman cheat a lot. If not more than men!
      Feel awful for anyone stuck in this mess–theft victims and spouse/SO in the relationships.

  18. This is so freaking awesome. I think that they should release every bit of information on cheating spouses. Anyone who can pull off a hack like this is probably aware that there are probably 30,000 to 100,000 fake profiles (see catfish) that were used to slander innocent people, so I’d only ask them to use some degree of discretion before releasing information just so innocent lives and families aren’t ruined because some moron wants to frame someone else.

    Outside of that lone thing, I say that they should post an online portfolio of names with faces…Mugshots of sorts. Infidelity is a very ugly thing and it’s a very sad thing but it happens all the time. I opine that the group behind this should release the information whether the site comes down or not.

    The reason why I hold this sentiment is because it’s not fair to the spouse who isn’t cheating to have to unknowingly worry about what their significant other is really up to. I mean seriously- the cheater brings everyone and everything they’ve done wrong to bed, which is horrible because if the cheater catches the Clap, The Drips, The Crabs and the hepegonesyphillaids , they are knowingly exposing that shit to their significant other.

    I have a question for a cheater- Would you feel good about ruining a lot of lives outside of your wife and kids because you are not capable of monogamy? Would you be okay with exposing your significant other to any STD? Do you honestly think that you love your significant other when you are mowing other people’s lawns?

    I know one thing based upon observation about cheaters-

    You have the one time offenders who did it once (usually when the relationship appears to be going belly up,) and they own it, and they do all that they can to make amends and never repeat that transgression ever again because they discovered that the grass is not greener on the other side- it’s soiled and burned. Those types are either forgiven or they aren’t, but they learn the first time they made the mistake.

    I never cheated, but I have broken up with a great woman in a strained relationship to be in another one that didn’t last, she took me back, and I learned my lesson to such a degree that I refuse to make eye contact with other women in any capacity with regards to interaction like passing one and saying “excuse me” or when I’m running errands. Outside of a few female friends (I have few,) I simply don’t interact with females unless there is a good reason that doesn’t affect or damage my relationship. I owned my mistake, I count my blessings that she took me back and I learned my lesson and then some. (It’s relevant because it was as close to a one time offense as you can get, and it would never have happened if I were in my right mind to begin with.)

    Then you have the serial cheaters who claim to feel love for their spouse but repeatedly have sex with other people on a frequent basis. If it has legs, they’ll indiscriminately have sex with it. My wife’s best friend (one of my good female friends too) was with a guy who literally would send her cousins and other people proactive pictures, and would screw anything that moved and when caught- the indignance was on par with watching a badly performed high school play. These types never learn, are usually on websites such as the one that got hacked, and if they really loved who they are married to, they’d do the following :

    Come clean and end it and assure the other person that they deserve much better, and that they aren’t equipped mentally to be with only one person. And profusely apologize and make sure that the burned party gets fair and reasonable rights to assets and custody in the impending divorce.

    I feel strongly about this because I’ve been cheated on, and I’ve broken up with someone who is great for someone who is what I can only describe as a manipulative, sanctimonious, and indignant inhuman being. It was short lived, it was of no substance, it was all smoke and mirrors, and I got duped mostly because the meds I was on at the time caused psychosis. If I hadn’t been on that particular medication (Adderall,) I’d never have done what I did and I still can’t forgive myself after almost 2 years.

    I had no idea how much upheaval that I caused by doing that and the upheaval extended way further than my nuclear family unit. It extends so much further than one would think, and I’ll always have to live with it and all of the stigma that I wear on a daily basis. I hate what I did and it wasn’t cheating, per se- it was right at the doorstep of it and it’s the bane of my existence.

    With all that I just posted, and taking everything I wrote into consideration, provided that anyone read all of it, and taking into account that I hate what I did and the scars that I created that haven’t healed for either of us, and given that I will never entertain entertaining the idea of doing anything that would place me in a position such as the one I was in, I think that the hackers should just go ahead and post all of the dirt in spite of whether the site comes down or not.

    If they do, it’s not slanderous, defaming, or falsely representing the character of the people who paid to be on the website (whatever Madison; I was not aware such a site existed until yesterday) because outside of the handful of false profiles that may exist on said site, everyone is guilty as hell and I think that it is important to expose those homewreckers for what they really are.

    And to the company that put that site online- yeah, go ahead and harp about how what the hackers did was illegal. Those hackers may have broken the law, but they did a great service to the public and they did something that I think is praiseworthy because they now have the information to expose every person who frequented that site. A few broken laws is NOTHING compared to 37 million people destroying the lives of quite possibly 100 million people or more.

    The good definitely outweighs the bad in this instance and I think that they should release every bit of information about the offenders as long as it doesn’t include credit card information or social security numbers, etc.

    Just make a ton of mugshots with names, and the names of the people who they were fucking around with. It’s going to ruin a lot of lives, but the people who didn’t cheat, or worse, pay a subscription to a disservice that allows them to continually cheat will be the people who will emerge stronger, and better able to make lives for themselves down the road.

    As for the people who frequent that site- they will always have to carry what they did whether they care or not, and they should have to. Expose them all. Make them transparent to every single male and female they know, so that if someone tries to pursue anything with the offenders, they will know from the start exactly what they can expect from the person.

    The group that did this has the power to do a huge service for people who may or may not have been in doubt as to what their other half is up to.

    I really hope that they release the information. If anything, it will boost the economy because divorce lawyers will make money hand over fist as a result.

    If they don’t release the information, whether the site owner takes it offline or not, then people will continue to not think twice about being unfaithful and unfair to their spouse. They will have no fear of doing what they do if the information is not released because the site owners complied. Someone else will just set up a new site for tripe such as this.

    If the hackers release the information, then people who cheat will be forced to think thrice about what they are thinking about doing and if the information is released even if the site is taken down, the likelihood of another site that promotes this behavior flourishing is highly unlikely.

    Cheaters will still cheat, but they will be a lot easier to catch if they can no longer rely on the internet to behave in this manner. It’s a lot easier to get an itemized phone report than it is to crack a password or find out what is going on with their spouse using google.

    I applaud the group who did this, and I really hope that they expose everything because it could possibly put websites that promote this kind of horrid behavior out of business for good.

    I don’t think that website builders would want anything to do with this kind of stuff if it’s established that anyone can break in and essentially force their clientele to no longer pay for this disservice, and that if someone has a mind to fool around online, they will be caught.

    I might write to Larry Flynt and ask him to offer a bounty on all of the information this group collected so that it may be made public. Love or hate Larry Flynt, he’s placed bounties on crooked politicians and he’s even outed a few with said bounties.

    I really hope that the hackers do the right thing and expose these people. It will be of great benefit to society in the long run because it will force people who have a mind to cheat to seriously reconsider ruining lives, and work on their lives and their relationships at home instead.

    If you can’t stay physically interested or attracted to the person you claim to love, then you can’t have any kind of meaningful intimate relationship.

    • TL;DR. Probably someone who thinks of himself or herself as the moral police.

      • I didn’t mean to come across as the moral police. Most of what I typed were fairly blatant observations. I would never ask anyone to “see it my way.” I didn’t mean for it to come across that way with what little you bothered to read. I’m not trying to police morality,I was trying to point out a few common senses is all.

    • Come on G, please get some much needed counseling. As for the hackers, they’re committing multiple felonies, and that can’t be rationalized nor justified.

      • Oh, I should seek help because I have an opinion about cheaters? You should seek marriage counseling by the look of it.

  19. Seems no-one’s considered what would happen if they leaked the 47 million rows of data.

    Well, 23.5 million people would leave their families/relationship etc and go meet the other 23.5 million and start a life together. It would end in ruin of course since they were seeking affairs, not relationships.

    The 47 million left behind would have to deal with a broken heart and that would reflect on their close family and people who care for them.

    So yeah, this hack will bring sadness to 94 million people. I reckon it was probably better left alone.

    My hobby – stating not the obvious.

    (and I wish we could discuss the hack – seriously :))

  20. All I can say is Tiki Local Dating does NOT collect Credit Card information – iPhone: https://goo.gl/KnCm0P; Android: https://goo.gl/II964r.

    Give Tiki a Try and Say Goodbye to that old seductive temptress Ashely Madison!

  21. Good for the hackers! I notice on here that AM’s response is to completely ignore the hackers complaint – that the Full Delete doesn’t actually work as advertised. That tells me that AM wants to have their cake and eat it too. They want to continue to charge money for Full Delete and not actually delete anything. So, fuck ’em.

    I’m not a hookup site user and I couldn’t care less about hookup site users, but I don’t really see the difference between what AM is doing with Full Delete, and what a site like, say, Google might be doing in similar situations.

    If you login to Amazon, Google, Facebook or any of these sites and tell them to delete your information – and they say they will then don’t do it – then how are you going to know if they are lying or not? You won’t. And if you learn years later after you asked for your stuff to be deleted and it wasn’t – well then that’s a complete breach of trust IMHO. When that sort of thing happens it damages every site owner out there as it just increases the distrust users have of site owners.

    If the hackers release the data there’s definitely grounds for a class-action lawsuit. All that some smart law firm needs to do is make a copy of the data then file for a class, and once they get approval that will be the end of AM. There is no way that AM can win such a lawsuit, this is fraud, contract violation and you name it. They will be sued out of existence.

    I would support 100% if exactly the same thing happened to Amazon or any of those other sites.

    No means no. When you say to a site owner “no your not going to store my data any longer” that means NO! That means DELETE WITHOT HOPE OF RECOVERY.

    My hope out of this is the hackers release the data, AM declares bankruptcy, and every other site on the Internet is so frightened by what happens that they review their deletion policies and make sure that Delete means Delete.

    When Arthur Anderson was destroyed it ended “book cooking” by the Big Five. When AIG was destroyed it ended banks mixing bad loans with good ones. And when AM gets destroyed it will end the practice of sites “deleting” your information yet not actually deleting anything.

    • “And when AM gets destroyed it will end the practice of sites “deleting” your information yet not actually deleting anything.”

      Wrong. The few or zero merchants making a similar offer will simply switch to the disclaimed model virtually all use, or “at users risk” language virtually standard everywhere. They just stop making the promise and don’t mention it either, so as to not raise the issue in your awareness. Buyer beware is all that it will come to.

      Next: Shelter Insurance, who insists on using social security numbers (which they don’t need, it’s auto insurance) as an online customer ID verification.

    • Total b.s. Very little data will be posted, the hackers will just sell the cc info, which is their real intent, an AM continues to operate.

  22. Would hiring paid fake chatters to make the site seem like there are any women on it be illegal too? Or just unethical? Because thats exactly what Ashley Madison and other dating sites do. Ive met the paid chatter girls in person.

  23. I know one could argue that they (the people who used the site) probably deserve it… but there are a lot of innocent people that will be harmed by this- you could also say its the users fault… but its really their own business- Its not up to others to judge or make those decisions for them. The real victims here will be the families of the users. Its just terrible. If they really wanted to Harm the site they could have just deleted the data and screwed with some of the other systems….not quite as easy as a slap on the wrist but the taking the nuclear option screws everyone. There will be suicides ..for certain.

  24. well the hackers will get what they want….Ashley will have to close otherwise their will tons of lawsuits against them

  25. He who is without sin cast the first stone."

    Hey, ‘Impact Team’ What you did was STEAL ,Private and Personal information. So, you might want to rethink before releasing any of it.

    AM is still up and running, but I doubt, considering what happened, if anyone in their right mind will register.

    • Very interesting! We now have a possibility of someone actually damaged, if he can show some sort of damage…which may take a little time to accumulate in an evidentiary way.

      37 million or more? That’s a lot of people. All very eager, no doubt, to add their names (Not!) to the class action suit when it comes (also therefore Not!). Who is going to add their name to the plaintiffs list or class? Nobody, that’s who. That’s what this business relies upon.

      What an incredible mess; all due to businesses’ failure to do business honestly (make a promise, keep the promise)(take security and big data intrusions on privacy and personal identity seriously). I hope some of those damaged include as many college and graduate school professors, computer language and applications developers and purveyors, and the especially tiny population of “ethics” business school professors as possible.

  26. NotSubscribedToAshleyMadison

    Although I don’t agree with cheating, have any of you who are saying out the cheaters, really grasped the ramifications of outing all these people, especially if it were to happen all at one time?
    Consider this, If the site were only US adult members, which according to published information the majority are US citizens over 18, 28.6% of the US adult population would be listed or the spouse of a listed cheater…Hold on a second, it gets crazier, add in their 1.13 children per family unit and we are seeing just shy of 100M people directly effected by the cheaters being made public, this doesn’t take into consideration other friends and family members who would be effected as well, but hey odds are they may be involved in their own cheating scandal.
    100M effected directly as a cheater, spouse of a cheater, or child of a cheater.
    I don’t condone or agree with cheating, but I can’t imagine them all being outed at one time.
    Divorce attorneys will have tons of new clients. Financially many will be bankrupt before the dust settles. Many I’d think would go to extremes and do the unthinkable, commit suicide, homicide, both, you name it, spiking the numbers at morgues across the country, because the worlds of not just the cheater and their spouse would be falling apart, when they’d look around for comfort from others they’d see the others having the same issues with their own cheating spouses. Thousands upon thousands would be in courts, There would be a backlog of cases for years.

    • It seems to me that getting lost in the surface content is to miss the really big point: big data and bad security is shifted onto trusting, unsuspecting, or, really in the case of everyone, undeserving and put at grave risk of identity and financial theft as a consequence of risk-shifting and cost-shifting by merchants and services everywhere, just because they can and its cheaper and lying is ok.

      It is now ok to harm customers as normal risk of doing business. I the business am not responsible for the harm you may, or will, sustain as a result of my choice to practice in a harmful way in my mercantile activity that I sell and provide to you.

      When was this ok to do as a matter of course? Isn’t there something wrong with going out of my way to harm you, my customer? As a matter of course and everyday practice? Just because I am not standing next to you when I strike and harm you or am negligent and harm you, is that ok? Then why is it not ok for me to do these things to you physically, and get away with them while standing next to you?

    • Of course, not all of that 100 million are US citizens.

      Pretty hard to argue reasonable expectation of privacy in a business model whose very existence is materially based on (among other things…i.e., procurement) deception. Well, I’m sure lawyers and case law and all that would of course be full of actual accepted reasons why one could argue reasonable expectation, and all that. What a system. What a case and debate. I wonder how many have thought through how big this could be; Notsubscribed, obviously you have. How big? Reminds me of the Hitchhiker’s Guide to the Galaxy line about how big space is.

  27. Regardless of your moral views, being a member of AM does not mean that you have cheated. I could be swayed on publishing names of actual cheaters. But how can you determine that. There are a few additional situations I can think of where a severe wrong can occur to someone:

    What about the situation where someone might have used a compromised CC to create an AM account? I am sure that this has happened more than a handful of times. Releasing that data (of the CC holder’s name) would potentially destroy a completely innocent person’s family. Is it ok to destroy some innocent families if we nail a bunch of cheaters?

    I had my CC compromised once and there were charges to vague sounding companies that I didn’t recognize. A quick Google search showed that those companies were the names used for paid porn sites.

    How about someone that created an account with fake credentials? Maybe to get back at someone. That someone would be totally innocent but potentially have their lives destroyed.

    What about the curious/voyeur types? Some may have gone on there with no intention of cheating. They will not be distinguished for the ones actually cheating. (You can argue that this is cheating in and of itself)

    How about the couple with an “open” marriage. Why should they suffer public humiliation for something that both partners are aware of and concede to?

    What about someone that has severe depression. (Maybe a reason that lead them to this site). What if the publication of their name leads them to suicide? Is that still ok? I can certainly see this happening. 37M users? You know at least someone will take their life it they think that everything is in ruins.

    I suspect that the majority of the users on AM have not physically cheated. (no data to back this up of course) Though the argument of them even registering for that site is cheating is valid argument (not sure which way I fall on this one).

    I am more liberal in my social views. I think that releasing this information will be catastrophic to millions of families and certainly to many innocent families.

    Even without releasing the data, they should probably get their wish of AM shutting down whether AM wants to or not. Who the hell would use that site now? They are toast.

    • “What about the situation where someone might have used a compromised CC to create an AM account? I am sure that this has happened more than a handful of times. Releasing that data (of the CC holder’s name) would potentially destroy a completely innocent person’s family. Is it ok to destroy some innocent families if we nail a bunch of cheaters?”

      Exactly my point. And so the party responsible is AM, and AM should pay to make those people whole. And it should be so in all commerce when you breach your contract, and damage your contractor by choosing to not do that which you freely agreed to do, were paid to do, and were to do so exactly so as to prevent the preventible harm you have caused, and but for your choice, you would have not caused.

      • Yes, AM should be held liable, but if that person whose CC was used without their knowledge has their life destroyed, that is of little solace to them.
        What monetary value can be placed on that person’s family?

        I might be convinced that it would be ok to release pictures or video of someone in the act of cheating. Simply having your name show up on this db doesn’t mean anything. Sure, the majority of the list would comprise of cheaters and would be cheaters. What about the completely innocent folks?

  28. Thinking about this, aren’t the hackers afraid for their lives or the lives of their families?

    If they out the 37mm users, and then the hackers are ID’ed, aren’t they putting themselves and their families in great danger? 37mm users I think more than a few are capable of murder. If I was the hacker I’d definitely be scared for my family.

    • I was about to post this. I was thinking of the situation where someone would be despondent enough to commit suicide.
      What about the psychopath as you brought up? The “you destroyed my family now I am going to destroy yours” person.
      If what AM is revealing, that this was an inside job, it should be too difficult to id the culprit.

      • From what the hacker(s) posted, it does not seem like they want anyone to die (suicide or murder) let alone put their own families in danger.

        I guess the hackers themselves have accepted a life on the run from the FBI/Interpol but what about the their families? If that one guy is ID’ed his family’s lives would already be in danger from the first small leak.

        This might be the first big name hack where people actually die as a result. Not good.

        • “This might be the first big name hack where people actually die as a result. Not good.”

          I agree wholeheartedly. I am not sure that the hacker(s) thought this through. Unless they are so confident in their ability to remain anonymous that they don’t care. Again, if what AM says is true, that this was an inside job, this person will be id’ed.

          In no situation can I see any good coming out of this. None. Even those that advocate a cheater should suffer the utmost punishment. In order to do that in this case, many innocent people will be severely impacted.

          Typical hacks/dumps usually result in an inconvenience for the victims. Every year I get a new BoA credit card because of some compromise. (They never say exactly why, although once it was right after the Target hack) No big deal. Even once when my card was used without my knowledge, I had to give written confirmation that those charges weren’t mine. Again, an inconvenience but no big deal. I didn’t lose any money.

          This is VERY different.

          • Yea I don’t know if they thought it through. I don’t think they fathomed the fallout from this can turn violent among the users and against the hackers and the hackers’ families.

            There is so much random violence as it is with no motive, now you give 37mm people a potential motive?

    • Once the hackers are caught (and they will be), long prison times await.

  29. The main takeaway we should get from this is far worse than the site or its hackers. If this were virtually any other website there would likely be nothing but contempt for the hackers. However, this is what I get. A group has committed an illegal, criminal data breach, and is now committing extortion/coercion against a legal enterprise that they disagree with on a supposedly moral basis. I’m not convinced this isn’t a purely spiteful move made by a former employee. If it isn’t then what next? What else does this Impact Team disagree with and want to shut down? I don’t care for the website or what it represents, Burt this attack represents something much worse.