The cyber criminals responsible for the theft of a trove of data from infidelity website Ashley Madison have stayed true to their word and posted all of the stolen data online.
A 9.7GB data dump was posted on the dark web on Tuesday, including information such as:
- Login details
- Transaction details
- Street addresses
- Email addresses
- Amount paid
- Last four digits for each transaction (it’s possible that this matches the last four digits of a credit card)
36 million accounts are affected by this breach.
Initial research into the dump has found over 15,000 .mil or .gov addresses. There’s also an email account that appears to belong to former UK Prime Minister Tony Blair (although ‘Tony’ must have forgotten that the Labour Party doesn’t have a gov.uk address). It’s worth keeping in mind, however, that the email verification process for Ashley Madison is almost non-existent, which means that I could set up an account under your email address and you wouldn’t know.
Last month, the cyber criminals responsible for the attack, who call themselves the Impact Team, demanded that Avid Life Media took down their two sites, AshleyMadison.com and EstablishedMen.com over the questionable morals they encouraged, but they also took issue with what they considered ALM’s fraudulent business practices in relation to a $19 fee charged if a user wants their data completely removed and their account closed.
Warnings were ignored and both sites were kept online, with promises that security would be improved. But the improved security was seven years too late and the data was posted online.
The men and women whose data has been posted online now face public embarrassment, angry partners, possible blackmail and potential fraud from anyone who wants to use the personal data and bank card information exposed in the data dump.
This article will be continuously updated when more information becomes available. Subscribe to the Daily Sentinel below to ensure that you don’t miss out on any updates.