This site may earn affiliate commissions from the links on this folio. Terms of utilise.

ashleymadison

Final calendar month, hackers claimed to take penetrated Ashley Madison's backend security and made off with disquisitional information, including e-mail addresses, customer data, the various fantasies of said clients, and credit menu billing data. The group stated that unless Ashley Madison agreed to shut down, they would release the trove of records online. Normal dating sites don't typically attract this kind of ire, just Ashley Madison differentiates itself from the typical OKCupid or Match.com site past explicitly marketing to people who want to cheat on their spouses.

Ashley Madison has been previously accused of failing to delete user information and charging $20 to perform a marginally more effective deletion, doesn't inform users that they may be contacted by computer-generated profiles for "entertainment" purposes, and has a significant gender imbalance issue (70% of site users are men) that isn't typically explained to new customers. These problems, combined with declared security mismanagement, are supposedly why hackers working under the name of The Impact Squad targeted the site. As of today, the entire 10GB database is available for download via a Tor onion site.

AMFile1

Security analysts and researchers accept already begun combing through the data, which includes information that shows an estimated 15,000 .mil and .gov electronic mail addresses in the millions of other consumer records. Then far, credit carte records don't announced to have been stolen, just some of the data, just it'due south non clear what might be lurking in other areas. Ashley Madison might actually get strong marks in one regard; Wired reports that the site used bcrypt to shield its user accounts. Bcrypt is a much slower encryption method than some of the others in broad employ and was designed to be difficult to crack. Difficult, withal, isn't the same matter every bit impossible — weak passwords should still receive some protection from Avid Life Media (the owner of Ashley Madison)'s choice in encryption methods, merely it's not going to prevent people from penetrating files over the long term.

AMFile2

Touch on Team dedicated their conclusion to release this data by placing virtually of the blame on Avid Life Media itself. Ashley Madison claims to have secured its websites and databases from time to come intrusion, but of course that's going to be cold comfort to anyone already hacked in this attack. There'due south no word even so of any specially juicy finds, and since Ashley Madison didn't perform email verification, information technology'due south always technically possible that people lied to preserve their own identities when signing upward for the service. Even so, this information could send shockwaves through a lot of marriages over the next few weeks and leave divorce lawyers whistling all the fashion to the bank.