Hackers Threaten to Leak Ashley Madison's 37 Million Clients
Grow Your Business, Not Your Inbox
Hackers claim to have personal details of more than 37 million cheating spouses on dating website Ashley Madison and have threatened to release nude photos and sexual fantasies of the site's clients unless it is shut down, blog KrebsOnSecurity reported.
Ashley Madison's Canadian parent, Avid Life Media, confirmed the breach on its systems and said it had since secured its site and was working with law enforcement agencies to try to trace those behind the attack.
The hackers, who call themselves The Impact Team, leaked snippets of the compromised data online and warned they would release customers' real names, profiles, nude photos, credit card details and "secret sexual fantasies" unless their demands were met, Krebs said.
Avid Life did not disclose what information was stolen.
The hackers demanded the closure of another of Avid Life Media's sites, sugar-daddy site "Established Men", but did not target the company's "CougarLife" site, which caters for women members looking for "a young stud".
Ashley Madison, which uses the slogan "Life is short. Have an affair", has been planning to raise up to $200 million through an initial public offering on the London Stock Exchange.
"We apologize for this unprovoked and criminal intrusion into our customers' information," Avid Life said, adding that the hackers left behind posts and images on the website detailing their demands. The unauthorized posts have since been removed.
The breach comes about two months after dating site Adult FriendFinder was compromised. That site has an estimated 64 million members.
The Impact Team, in a screengrab showing on the Krebs blog, say it had taken over Avid Media systems including customer databases, source code, financial records and emails.
"Shutting down AM (Ashley Madison) and EM (Established Men) will cost you, but non-compliance will cost you more," the hackers said.
They said users who had paid a fee to Avid Life to have their personal data permanently deleted had been lied to and the company had retained records, including credit card information.
(Reporting by Abhiram Nandakumar in Bengaluru; Editing by Rodney Joyce)