View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

37m cheaters face outing after Ashley Madison hack

Attack on dating site seemingly motivated by business grudge.

By Jimmy Nicholls

Some 37 million users of the infidelity dating site Ashley Madison are at risk of being outed after hackers claimed to have leaked some of the site’s data online.

Avid Life Media, the owner of the site and similar services Cougar Life and Established Men, was left scrambling to fix the problem, and confirmed a cyberattack had taken place on its systems.

"We’re not denying this happened," chief executive Noel Biderman told the security blogger Brian Krebs. "Like us or not, this is still a criminal act."

The hackers behind the attack, the Impact Team, appeared to be motivated by Avid Life’s plans to charge customers £15 to fully delete their profile details, which include personal data, credit card info and descriptions of their sexual preferences.

"Full Delete netted [Avid Life] $1.7m in revenue in 2014. It’s also a complete lie," the hacking group wrote in a message online.

"Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed."

The attackers demanded that Avid Life shut down both Ashley Madison and Established Men, a site for "sugar daddies", and threatened to release the rest of the data cache if the firm did not comply.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Whilst Biderman did not confirm many details of the investigation into the attack to Krebs, he did reveal that the company had a suspected "culprit" in its sights.

"We’re on the doorstep of [confirming] who we believe is the culprit, and unfortunately that may have triggered this mass publication," he said.

"I’ve got their profile right in front of me, all their work credentials. It was definitely a person here that was not an employee but certainly had touched our technical services."

Seemingly confirming the close connection between the hackers and Avid Life, The Impact Team also apologised the firm’s director of security Mark Steele, whom they said "did everything you could".

Alongside the customer details, the hackers were also said to have got hold of company data, including staff salary details, internal network maps and corporate bank account data.

Commenting on how customers would likely respond to the attack, Dave Palmer, director of technology at security vendor Darktrace, said: "I think it will really depend on the customer’s own view.

"If you’re into this sort of service I’m not sure what other services exist where you could take your business to."

The attack also invites comparisons to a similar raid on AdultFriendFinder, which exposed millions of users to similar data disclosures in May.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.