A website that boasts of helping people set up illicit affairs - launched in Hong Kong with much fanfare in 2013 - has had its database hacked and customer information leaked.
The Ashley Madison site, whose slogan is "Life is short. Have an affair", operates in 30 places around the world with more than 37 million customers. It was hacked by a group calling itself the Impact Team, which also targeted two other dating sites, Cougar Life and Established Men, which are owned by the site's parent, Avid Life Media.
The hackers posted a small sample of sensitive data stolen from the sites accompanied by a statement demanding the closure of Ashley Madison.
UPDATE: Ashley Madison revokes controversial data-wipe fee after hack attack, claims it's the victim
"Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers' secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails. The other websites may stay online," the group said in a statement.
Speaking to cybersecurity reporter Brian Krebs, who first broke the story, Avid Life Media chief executive Noel Biderman confirmed the hack had taken place. The company was "working diligently and feverishly", he said, describing the attack as a "criminal act".Biderman said that the attack was likely the work of an insider and the company was close to identifying the culprit.
"I've got their work profile right in front of me, all their work credentials," he said. "It was definitely a person here that was not an employee but certainly had touched our technical services."
The website appears to have been targeted over the US$19 fee it charges to carry out a "full delete" of the information of customers who choose to leave the site. The company claims that the service is the only way to completely remove information from its servers.
The hackers described that claim as a "complete lie".
“Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed,” the statement said.
Biderman told the South China Morning Post at the time that while every country considered itself conservative or religious, people around the world “share the same DNA – and monogamy is not part of it”.
While the company does not release user statistics for Hong Kong, Biderman said in 2013 that he expected around 500,000 people in the city to sign up for the service, based on levels of interest prior to launch.
This article appeared in the South China Morning Post print edition as: Hackers threaten to publish data from cheat website
ncG1vNJzZmivp6x7tK%2FMqWWcp51ku6bD0mifqKaXYriwusZonJ2tk5bBqrvNZpqopZ2qu6rA2GiYq6yZmLmme5Bxa2ptYGd8qa3CpJyrq12ptbOxwK2cp2Wgqq%2BttdKhZKKmlp6xprjIrbBmq5mpsm6t0qGjnrE%3D