Ashley Madison Hacked - User profiles exposed

[badbadboy]

http://www.wsj.com/articles/affair-website-ashley-madison-hacked-1437402152

Ashley Madison, a website that links up people seeking affairs, was hacked along with its partner sites, potentially exposing data on millions of users.

Avid Life Media Inc., the parent company of the sites, said that while it has “stringent security measures in place,” those measures failed to prevent an attack.

“We were recently made aware of an attempt by an unauthorized party to gain access to our systems,” Avid said in a statement. The company didn’t provide information on how much data might have been compromised, and an Avid spokeswoman said she couldn’t provide any more information at this time.

“At this time, we have been able to secure our sites and close the unauthorized access points,” the company said. “We are working with law enforcement agencies, which are investigating this criminal act.”

Toronto-based Avid Life Media has been planning to conduct an initial public offering in London this year.

 

[Lo-ki]

I bet you the lawyers are licking their lips on this ATTACK...

 

[Equity Market investor]

I bet you the lawyers are licking their lips on this ATTACK...

No kidding. Talk about the ultimate party. One has to wonder why separation / divorce rates are rising ever so fast

 

[clu]

Do these people think they're going to stop infidelity? Because it's really coming off like a woman's scorned/revenge type thing...

They claim their issue with AM is that they charge $19 to permanently delete your profile but don't really do it. So they're threatening to release all the records to prove it. Whether anyone wants to believe that or not is a separate issue.

 

[epicurean604]

This concerns me a little, as I am a former member of the aforementioned website. I also paid the $19 to "permanantly delete" my profile. It's been quite a while as I stopped using the site a few years ago but there's probably a few people I would rather not know about it.

I think this is the end for AM, as just last year at a security conference they touted themselves as the last great completely secure website. And with an IPO looking in the near future, I can no longer see investors going forth with any confidence. Their best device to their membership would be to shut down and re-emerge as a completely new entity.

 

[vancouverman]

That's pretty spicy of you, Ottawa

Canada’s capital city, Ottawa, is also it’s most potentially adulterous, Reuters reports. Around 1 in 5 of the population is registered on Ashley Madison, a social network aimed at married people that touts “”Life is short. Have an affair” as it’s slogan.

The sleepy city, with a population of around 883,000 boasts 189,810 users, according to Avid Life Media, the Toronto-based that owns the service.

ALM faced a huge hack this week from a group called the Impact Team, exposing 37 million users’ data in a demand to take down Ashley Madison and sister site EstablishedMen.com. The hackers referred to the site’s clients as “cheating dirtbags who deserve no discretion.”

The site says that it has suspended fees for users who want to delete their accounts.

Meanwhile, it seems like Ottawa’s politicians and civil servants are the ones having the most difficulty staying faithful — the most-registered postal code in the city represented Parliament Hill, the seat of power in the country, Reuters reports.

ALM CEO Noel Biderman thinks “power, fame and opportunity” are the likely causes of infidelity in the city. In a newspaper report published earlier this year, Biderman admitted that capital cities usually top subscription rates for the adulterous service.

Ottawa residents seem to think the reason is much simpler — everyone is just bored out of their minds.

“Why do you think everyone goes to Montreal to have a good time?” Kary, who refused to give her last name, told Reuters. “Ottawa is the city fun forgot.”

Source: http://time.com/3967081/ottawa-canada-ashley-madison-cheating-infidelity-affair-hack/

 

[felixthecat]

They say it was probably an inside job..
I think it was probably a divorce lawyer who hacked it! Haha

Why not an insider divorce lawyer then.
"We took your $19, now we come for the rest!"

 

[encarsia]

i just logged in to my account and no note or anything regards to the hack

 

[wpg204]

Well guys I am only posting this so you can start planning your story or worse case divorce if you see your name. Apparently this is a list of names the hackers got, one reason I won't pay for play sites total joke. Good luck guys and I hope you don't see your name.

Sorry these are names from France , Belgium and the United Kingdom but more to come.


http://christnews.org/en/la-liste-d...s-et-francais-de-ashley-madison-est-en-ligne/

 

[hornygandalf]

The names are outside of North America thus far.

 

[Man Mountain]

Has anyone ever seen that Ashley Madison commercial featured in the segment? Holy douchebags, Batman!

 

[hornygandalf]

Has been downloaded 105,000 times so far.
Anyone here found their details on it?
Is it actually a file with a virus or Trojan Horse in it (would seem a good target for that)?

 

[MrBrown]

Yes, I am on it with my "throwaway" identity.
I paid for one month using a disposable credit card.
Met a couple of ladies for coffee but didn't have chemistry, actually never hooked up... serious gold diggers. I'm just a relatively poor middle aged guy... Wouldn't mind a reasonable sugar daddy thing going but pooning is much much safer in retrospect.
Glad I was extra safe. Sorry for those that used their true identities.

 

[buggs312]

How can I check?

 

[dkong]

You can check if you have been pwned at http://www.trustify.info/check

I've been going through the dump of data for the last couple of hours, and while I didn't have a profile, the situation for those that had is bad... real bad..
In fact, if you had a profile on or before June 28th, know that your data has been taken... This is about the worst leak of personal info I have ever seen.

There is an unbelievable amount of very real, personal, and embarrassing data. Global lists of users, pictures, messages, emails, credit card transactions (thankfully not full credit card numbers), password hashes etc. Looking at the data, I would be very surprised if we don't see a national spike in suicides and divorces over the coming weeks, and we should expect that this will have a big effect on society as a whole... Its only a matter of time until some opportunist set up sites mapping out members addresses, GPS locations, names, facebook profiles, linkedin profiles etc... there is easily enough info there to tie many people to their real life identities....

Whats done is done, but my advice: IF YOU USED THE SAME EMAIL ADDRESS FOR A.M. AS YOU DID FOR OTHER SERVICES, CHANGE YOUR EMAIL ADDRESS ON THE OTHER SERVICES NOW... You might be able to limit the damage, make it more difficult for people to use your email address to find you.. Also, for good measure, change your password. If you're really paranoid, move postcodes.. I cannot overemphasize how bad this hack is.. Its even got personal bank account numbers and paypal passwords for the company behind Ashley Madison.

I will admit its going to take a number of hours for technical folks to be able to get the data into a usable form, as the MySQL dumps from the site are huge... unless you're in the industry, there is no point in downloading the raw data for now... on a powerful machine it might take as many as three days to decompress all the info and import it into a searchable form.... so as of right now, we can expect the shit storm to arrive in about 48 hours when sanitized, cleaned up readily exportable data will be available.

Its a dark day indeed.

 

[dkong]

By the way, to put this breach in scale, in the 10km area around where I live, I have found data for 38 people that paid for services from A.M. The number of users that have regular (unpaid) accounts within about 10km of me number in the many hundreds - and I live in a relatively sparely populated area... when the dust settles I would say the national numbers could be as high as 1 in 50 homes have someone with an account, and about 1 home in 2000 paid for services from the site, but I will have to wait until the query finishes before I know more.

 

[dkong]

One last thing.. I have been checking the various sites that claim to be able to tell you if you have been hacked such as http://haveibeenpwned.com/ and I can confirm that many are bluffing.. using addresses that I know are pwned, only the trustify one seems to work.

 

[Sphubby]

One last thing.. I have been checking the various sites that claim to be able to tell you if you have been hacked such as http://haveibeenpwned.com/ and I can confirm that many are bluffing.. using addresses that I know are pwned, only the trustify one seems to work.

Yep also confirmed, Trustify said: I have been compromised lol. Entered in a address I know has a account and 3 that don't and got them all right.

Just glad I have nothing to hide from the wife, she likes it when I bring a new friend home :faint:

 

[hornygandalf]

Yep, I'm in there, but with an email account barely anyone (including my SO) knows, and I never paid for anything, so little damage done.
But, clearly there are going to be a huge number of scandals as a result of this. Good time to be in the marriage counselling and divorce-lawyer business.

 

[Amuse0ne]

How successful was the site delivering its mission, my assumption was that it's weighted heavy with men and less with women?