Skip to main content

Ashley Madison hack could expose 37 million cheaters

Ashley Madison hack could expose 37 million cheaters

Share this story

Casual sex and cheating network Ashley Madison has reportedly been hacked, compromising the user databases, financial records, and private details of the service's owners and 37 million users. Security researcher Brian Krebs first reported the leak last night, which was subsequently confirmed by Noel Biderman, the CEO of Avid Life Media. The company runs Ashley Madison and two other sites for users to arrange sexual liaisons — Cougar Life and Established Men.

"We're not denying this happened," said ALM's CEO

"We're not denying this happened," Biderman told Krebs, describing the hack as a criminal attack. A hacker or hacker group calling itself The Impact Team claimed to be behind the breach. The team is attempting to hold ALM to ransom with the information it has, threatening to release "all customer records, including profiles with all the customers' secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails," unless Ashley Madison and Established Men are taken offline in all forms. The other ALM sites, the group said, may stay online.

The Impact Team presented a moral stance in a lengthy document explaining its actions, hitting out at both ALM's business practices and the people who used the service to have extra-marital affairs. Ashley Madison offers a "full delete" feature by which it offers to scrub your payment and address details from its records for a $19 fee — a fee that The Impact Team says actually pays for nothing. "Full Delete netted ALM $1.7 million in revenue in 2014," the group says in its manifesto. "It's also a complete lie. Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed."

Not that the group offered much sympathy for people who would be exposed. "Too bad for those men," the document reads. "They're cheating dirtbags and deserve no such discretion." The manifesto hit out at "the internet's number one cheating website" Ashley Madison, but was most vehemently against Established Men, which it characterized as "a prostitution / human trafficking website for rich men to pay for sex." Among those the team said would be having "a very bad day" if the information came to light were "many rich and powerful people" in the US and Canada.

The hackers threaten to release data unless two sites are taken offline

ALM published a statement on the leak, in which it tried to deflect blame, saying that it was "only the latest among many companies to have been attacked, despite investing in the latest privacy and security technologies." Biderman told Krebs it was "working diligently and feverishly" to stamp out the dissemination of information, shutting down the original locations at which it was shared. Biderman said that rather than a random outsider targeting his company, the investigation points to someone who had at one point "touched [ALM's] technical services," suggesting that a former employee or contractor may have had a hand in the leak. As of Monday morning, ALM said it had removed all posts related to the incident from its site, as well as all personally identifiable information about its users.

The documents stolen by the hackers showed that ALM's tech staff lived in fear of a breach. Trevor Stokes, the company's chief technology officer noted that "security" was his answer to the question "in what area would you hate to see something go wrong?" In May, The Wall Street Journal reported that ALM had planned to go public this summer with an IPO, hoping to raise $200 million in investment — a plan to which this news will be a blow.

Ashley Madison isn't the first hook-up service to be held to ransom for stolen information. Earlier this year, similar service Adult FriendFinder was hacked, revealing the personal details and sexual preferences of 3.5 million people. Where ALM's hackers are at least trying to present a moralistic front, AFF's hacker — who went by the pseudonym ROR[RG] — simply hoped to make money from the data, threatening to release it all unless he was paid $100,000.

Update, July 20th, 8:25AM: Updated to add that ALM had removed the personal information of its users and all posts related to the incident from its site.


Verge Video: The future of sex

Today’s Storystream

Feed refreshed 28 minutes ago The tablet didn’t call that play by itself

A
External Link
Andrew J. Hawkins28 minutes ago
Vietnam’s EV aspirant is giving big Potemkin village vibes

Idle equipment, absent workers, deserted villages, an empty swimming pool. VinFast is Vietnam’s answer to Tesla, with the goal of making 1 million EVs in the next 5-6 years to sell to customers US, Canada and Europe. With these lofty goals, the company invited a bunch of social media influencers, as well as some auto journalists, on a “a four-day, multicity extravaganza” that seemed more weird than convincing, according to Bloomberg. Guests were treated to a champagne and lobster lunch, but also were left wondering why none of VinFast’s machinery was working. They even got to visit the company’s real estate holdings outside Hanoi, where they were greeted by empty swimming pools, dusty construction equipment, and a library devoid of books.


J
James Vincent48 minutes ago
Today, 39 years ago, the world didn’t end.

And it’s thanks to one man: Stanislav Petrov, a USSR military officer who, on September 26th, 1983, took the decision not to launch a retaliatory nuclear attack against the US. Petrov correctly guessed that satellite readings showing inbound nukes were faulty, and so likely saved the world from nuclear war. As journalist Tom Chivers put it on Twitter, “Happy Stanislav Petrov Day to those who celebrate!” Read more about Petrov’s life here.


Soviet Colonel who prevented 1983 nuclear response
Photo by Scott Peterson/Getty Images
J
The Verge
James VincentAn hour ago
Deepfakes were made for Disney.

You might have seen the news this weekend that the voice of James Earl Jones is being cloned using AI so his performance as Darth Vader in Star Wars can live on forever.

Reading the story, it struck me how perfect deepfakes are for Disney — a company that profits from original characters, fans' nostalgia, and an uncanny ability to twist copyright law to its liking. And now, with deepfakes, Disney’s most iconic performances will live on forever, ensuring the magic never dies.


Welcome to the new Verge

Revolutionizing the media with blog posts

Nilay PatelSep 13
E
External Link
Elizabeth LopattoAn hour ago
Hurricane Fiona ratcheted up tensions about crypto bros in Puerto Rico.

“An official emergency has been declared, which means in the tax program, your physical presence time is suspended,” a crypto investor posted on TikTok. “So I am headed out of the island.” Perhaps predictably, locals are furious.


R
The Verge
Richard LawlerTwo hours ago
Teen hacking suspect linked to GTA 6 leak and Uber security breach charged in London.

City of London police tweeted Saturday that the teenager arrested on suspicion of hacking has been charged with “two counts of breach of bail conditions and two counts of computer misuse.”

They haven’t confirmed any connection with the GTA 6 leak or Uber hack, but the details line up with those incidents, as well as a suspect arrested this spring for the Lapsus$ breaches.


R
The Verge
Richard Lawler1:00 PM UTC
Green light.

Good morning to everyone, except for the intern or whoever prevented us from seeing how Microsoft’s Surface held up to yet another violent NFL incident.

Today’s big event is the crash of a NASA spaceship this evening — on purpose. Mary Beth Griggs can explain.


D
David Pierce12:54 PM UTC
Thousands and thousands of reasons people love Android.

“Android fans, what are the primary reasons why you will never ever switch to an iPhone?” That question led to almost 30,000 comments so far, and was for a while the most popular thing on Reddit. It’s a totally fascinating peek into the platform wars, and I’ve spent way too much time reading through it. I also laughed hard at “I can turn my text bubbles to any color I like.”


T
Thomas Ricker10:44 AM UTC
The Simpsons pays tribute to Chrome’s dino game.

Season 34 of The Simpsons kicked off on Sunday night with an opening credits “couch gag” based on the offline dino game from Google’s Chrome browser. Cactus, cactus, couch, d’oh! Perfect.


T
Youtube
Thomas Ricker7:29 AM UTC
Table breaks before Apple Watch Ultra’s sapphire glass.

”It’s the most rugged and capable Apple Watch yet,” said Apple at the launch of the Apple Watch Ultra (read The Verge review here). YouTuber TechRax put that claim to the test with a series of drop, scratch, and hammer tests. Takeaways: the titanium case will scratch with enough abuse, and that flat sapphire front crystal is tough — tougher than the table which cracks before the Ultra fails — but not indestructible.


E
Twitter
Emma RothSep 25
Rihanna’s headlining the Super Bowl Halftime Show.

Apple Music’s set to sponsor the Halftime Show next February, and it’s starting out strong with a performance from Rihanna. I honestly can’t remember which company sponsored the Halftime Show before Pepsi, so it’ll be nice to see how Apple handles the show for Super Bowl LVII.


E
Twitter
Emma RothSep 25
Starlink is growing.

The Elon Musk-owned satellite internet service, which covers all seven continents including Antarctica, has now made over 1 million user terminals. Musk has big plans for the service, which he hopes to expand to cruise ships, planes, and even school buses.

Musk recently said he’ll sidestep sanctions to activate the service in Iran, where the government put restrictions on communications due to mass protests. He followed through on his promise to bring Starlink to Ukraine at the start of Russia’s invasion, so we’ll have to wait and see if he manages to bring the service to Iran as well.


E
External Link
Emma RothSep 25
We might not get another Apple event this year.

While Apple was initially expected to hold an event to launch its rumored M2-equipped Macs and iPads in October, Bloomberg’s Mark Gurman predicts Apple will announce its new devices in a series of press releases, website updates, and media briefings instead.

I know that it probably takes a lot of work to put these polished events together, but if Apple does pass on it this year, I will kind of miss vibing to the livestream’s music and seeing all the new products get presented.


E
External Link
Emma RothSep 24
California Governor Gavin Newsom vetoes the state’s “BitLicense” law.

The bill, called the Digital Financial Assets Law, would establish a regulatory framework for companies that transact with cryptocurrency in the state, similar to New York’s BitLicense system. In a statement, Newsom says it’s “premature to lock a licensing structure” and that implementing such a program is a “costly undertaking:”

A more flexible approach is needed to ensure regulatory oversight can keep up with rapidly evolving technology and use cases, and is tailored with the proper tools to address trends and mitigate consumer harm.