A group of hackers who threatened to release sensitive data about millions of Ashley Madison cheating website users last month have fulfilled their promise after the site’s owner refused to take the resource “offline permanently in all forms.”
A massive dump of data just short of 10 gigabytes was released on the dark web on Tuesday by the Impact Team group claiming to be behind the scandalous Ashley Madison hack.
The data appear to include sensitive customer information, such as payment transaction and credit card details, emails, names, addresses, phone numbers and member profiles.
Although the leaked data did not include full credit card details and billing information, the hack is still a major embarrassment to Avid Life Media Inc., which owns the site, and some 38 million of its users whose private data was exposed.
While the passwords released are hashed, according to Wired, hackers may still eventually crack the easier ones, gaining access to user’s private correspondence if the account is still online.
“Time’s up!” the Impact Team wrote in the introduction to the leak, apparently referencing to Avid Life Media’s decision to keep the website online reassuring their users of increased security measures instead.
“It was ALM that failed you and lied to you,” the group added. “Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you’ll get over it.”
Meanwhile ALM has acknowledged they know about the release of “more of the stolen data,” the company said in an email to Ars Technica.
“We are actively monitoring and investigating this situation to determine the validity of any information posted online… furthermore, we will continue to put forth substantial efforts into removing any information unlawfully released to the public, as well as continuing to operate our business.”
The Royal Canadian Mounted Police and Ontario Provincial Police along with the FBI are investigating the hack, the company said, admitting the bureau’s involvement for the first time.
“This event is not an act of hacktivism, it is an act of criminality,” the company added, emphasizing that they are cooperating with authorities to hold the perpetrators accountable to the “strictest” measures of the law. “The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society.”
Source: rt.com