Ashley Madison Hack Database: When a hacker group calling itself “The Impact Team” hacked the user data from Ashley Madison, a commercial website promoting extramarital relationships, the public outcry was immediate. In the event that Ashley Madison did not shut down immediately, the organization copied personal information about the site’s user base and threatened to expose names and personally identifiable information about those who used the site. A total of more than 60 terabytes of business data, including user information, was exposed between August 18 and August 20, according to the organization.
The remaining items were used just once, on the day they were first recorded, and then discarded. She also discovered that a disproportionately large number of the women’s accounts were established from the same IP address, indicating that there were many bogus accounts. She discovered that women checked their email messages extremely infrequently: for every one time a woman checked her email, 13,585 males checked theirs, according to her findings. There were just 9,700 female accounts out of the 5 million total, with only 5.9 million male accounts responding to messages in the same time period. She came to the conclusion that “the women’s testimonies indicate such a lack of activity that they might as well not be there.”
A subsequent article the following week acknowledged that Newitz had “misunderstood the evidence” in her previous article and that she had reached her conclusion about the lack of females active on the site based on data recording “bot” activities in contacting members rather than on any actual female activity on the site. She makes the observation that “According to the Ashley Madison database dump obtained from Impact Team, we have virtually no data indicating any human involvement at all. All we can observe is the instances in which phoney people communicated with actual humans.”
Many customers were concerned about being publicly humiliated since the site’s policy of not removing users’ personal information – which included actual names, home addresses, search history, and credit card transaction records – was not changed.
CheckAshleyMadison.com was taken down on Wednesday evening after receiving a take-down order from Ashley Madison’s legal team in accordance with the Digital Millennial Copyright Act, according to the company. However, many new websites, like Ashley.cynic.al, are still up and running, indicating that Ashley Madison’s attorneys are attempting to remove as much of the stolen material as they possibly can. Have I Been Pwned and Trustify, for example, are still up and running as of this writing.
If Avid Life Media does not provide any kind of assistance to their userbase and issue a formal apology in the next days, we hope that they would at least acknowledge the situation and apologise… The Ashley Madison Development Team should be ashamed of their database (and, more importantly, their lack of security). Not cleaning your phone numbers before storing them in your database is incredibly amateurish; it’s as if the whole site was created by Comp Sci 1XX students.