Deleting the browser history might not be enough to keep secrets safe for the married individuals who have profiles on the extramarital-affair hookup website Ashley Madison.
The site, which seductively advertises “Life is short. Have an affair,” is owned by Avid Life Media (ALM) – a Toronto-based firm that owns other hookup websites like Cougarlife.com and Establishedmen.com.
The entire ALM database was hacked this weekend according to KrebsOnSecurity, a website which monitors online security.
ALM CEO Noel Biderman confirmed the hack. “We’re not denying this happened,” Biderman said to KrebsOnSecurity. “Like us or not, this is still a criminal act.”
KrebsOnSecurity reports that all 37 million site members have had their information compromised. As of now, 40MB of data stolen from ALM and their websites have been posted online by a team who self-identify as The Impact Team.
According to The Guardian, this is just a ‘sampler hack’. It is alleged that the group has threatened that it will publish everything if Ashley Madison and Established Men are not shut down permanently.
ALM released a statement July 20 in which they promise that all parities responsible for this act of cyber-terrorism will be held responsible.
“We have always had the confidentiality of our customers’ information foremost in our minds, and have had stringent security measures in place, including working with leading IT vendors from around the world,” the company wrote. “As other companies have experienced, these security measures have unfortunately not prevented this attack to our system.”
The hackers claim that they decided to publish the information after ALM allegedly lied about their full delete feature – a service which allows members to pay $19 to completely erase their profile.
KrebsOnSecurity quote The Impact Team:
“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie,” the hacking group wrote. “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”
So far, the hackers have leaked employee salary information, maps of internal company servers, the company’s bank account data and employee network account information. They also claim to have complete access to their database, including the records of all 37 million members.