Intimate details of sexual fantasies and personal information of almost one million Australian members of a cheating website are being leaked online.
Dating website Ashley Madison – which specialises in infidelity and spruiks the motto ‘life is short, have an affair’ – was targeted by hackers in July who threatened to publish more than 37 million members on its database unless the site was shut down.
The leaked data is meant to include sensitive customer information such as payment transaction and credit card details, emails, names, addresses, phone numbers, member profiles and sexual fetishes.
It is believed the group claiming to be behind the scandalous hack, Impact Team, posted 22 email addresses linked to the University of Western Sydney on an online message board. The New Daily is yet to confirm this.
A mission statement – supposedly by Impact Team – was posted to a website on the Tor network.
“Found someone you know on here? Keep in mind the site is a scam with thousands of fake female profiles – 90-95 per cent of actual users are male,” it said.
“Chances are your man signed up on the world’s biggest affair site, but never had one. He just tried to. If that distinction matters.”
The Impact Team statement continued: “Avid Life Media has failed to take down Ashley Madison and Established Men.
“We have explained the fraud, deceit, and stupidity of ALM and their members. Now everyone gets to see their data.”
In 2014, Ashley Madison claimed to have more than 17 million users in 26 countries.
According to Fairfax Media nearly one million of those were Australian.
Australian security researcher Troy Hunt said on Twitter that the leak appeared legitimate.
Ashley Madison data is almost certainly legit, too many things that simply couldn’t have been faked or would have been enormous effort.
— Troy Hunt (@troyhunt) August 18, 2015
But Krebs on Security reported that Ashley Madison’s original founding chief technology officer Raja Bhatia said it was too early to tell if the information was legitimate.
In a statement to WIRED magazine, the company behind Ashley Madison, Avid Life Media, condemned the reported leak.
“This event is not an act of hacktivism, it is an act of criminality,” it said.
“It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities.”
Canadian-based Avid Life Media owns Ashley Madison, Established Men and Cougar Life dating websites.
Online security analysts and social media users scanning through the leaked database had, for example, already noticed an email address which appeared to belong to former UK PM Tony Blair, RT reported.
But since the affair website does not require email address verification some noted that anyone could have used it to set up a fake account.