"Avid Life Media has failed to take down Ashley Madison and Established Men. We have explained the fraud, deceit, and stupidity of ALM and their members. Now everyone gets to see their data."
The Ashley Madison hackers have released the site's user data, as threatened. Or, at least, that's what they say they've done.
There are strong indications that the data is real -- at least, that it's come from the site. However, it's likely that much of the data is forged or bogus in some way, so don't believe everything you read.
"Life is short. Have an affair." -- that was Ashley Madison's strapline. Worryingly, for some spouses whose names appear in the dump, life might indeed be short.
In IT Blogwatch, bloggers tread carefully.
Your humble blogwatcher curated these bloggy bits for your education.
Kim Zetter got the tipoff:
9.7 gigabytes...was posted on Tuesday to the dark web. ... The files appear to include account details and log-ins for some 32 million users. ... Seven years worth of credit card and other payment transaction details are also part of the dump...millions of payment transactions, includes names, street address, email address and amount paid, but not credit card numbers.
Last month, the hackers, who called themselves the Impact Team, demanded that Avid Life Media, owner of AshleyMadison.com and...Established Men, take down the two sites. ... Despite promising customers to delete their user data from the site for a $19 fee, the company actually retained the data...the hackers claimed. "Too bad for those men, they...deserve no such discretion," the hackers wrote. "Too bad for ALM, you promised secrecy but didn't deliver."
It's important to note that Ashley Madison's sign-up process does not require verification of an email address...so legitimate addresses might have been hijacked. ... One email in the data dump, for example, appears to belong to former UK Prime Minister (Tony Blair). MORE
Is it real? Brian Krebs says so, for three reasons:
I've now spoken with three vouched sources who all have reported finding their information and last four digits of their credit card numbers in the leaked database. ... It's been almost exactly 30 days since the original hack. ... All of the accounts created at Bugmenot.com for Ashleymadison.com prior to the original breach appear.
I'm sure there are millions of AshleyMadison users who wish it weren't so, but there is every indication this dump is the real deal.
My first report on this breach quoted...CEO Noel Biderman saying the company suspected the culprit was likely someone who [had] had legitimate access to the company's internal networks. I'd already come to the same conclusion...and I still believe that's the case. [He said] investigation is still ongoing and that the company is simultaneously cooperating fully with law enforcement.
Readers should understand...that just finding someone's name, email address and other data...doesn't mean that person was a real user [because] AshleyMadison never bothered to verify the [data]. MORE
Sign up for Computerworld eNewsletters.