Update: Ashley Madison Hackers Dump Data on Up to 70,000 Denver Cheaters
A screen capture from an Ashley Madison commercial the company says was rejected for airing during the 2011 Super Bowl. Videos and more below.
Update: Last month, we reported that hackers of AshleyMadison.com, a website that promotes extramarital hookups (slogan: "Life is Short. Have an Affair"), threatened to expose the financial and personal data of users, including what the company had previously estimated as 70,000 people in the Denver area alone. See our previous coverage below.
An empty threat? Not so much.
Now, Wired is reporting that 9.7 gigabytes of data "was posted on Tuesday to the dark web using an Onion address accessible only through the Tor browser.
"The files appear to include account details and log-ins for some 32 million users of the social networking site," the magazine's piece continues. "Seven years worth of credit card and other payment transaction details are also part of the dump, going back to 2007."
Moreover, the still-unidentified hackers have left messages in which they accuse the site of fraud for not deleting consumer information themselves after being paid to do so and suggesting that many of the profiles on the site — particularly ones supposedly posted by women — are bogus lures to horny men.
This isn't the first time Ashley Madison has been accused of fudging the truth. In 2011, the company stated that Fox had rejected a ribald commercial for airing during that year's Super Bowl — a claim plenty of folks didn't believe. Here's the clip.
Two years later, in 2013, Ashley Madison published a similarly themed print ad in the San Francisco Examiner's Super Bowl insert.
Here's a look at it.
In a piece about the print layout, AdWeek accused Ashley Madison of trying to "leech a little attention at Super Bowl time" with such antics. And in a reference to the assertion regarding the Super Bowl commercial in 2011, the publication accused Ashley Madison of "pretending" it had enough money to buy time on the broadcast.
Excerpts from the hackers' statements shared by Wired are even more cutting. For one thing, they accuse Ashley Madison's parent company, Avid Life Media, of reneging on a deal to delete user data from the site even after collecting $19 fees — not that the hackers feel sorry for the dudes who were ripped off.
"Too bad for those men, they’re cheating dirtbags and deserve no such discretion,” they write. “Too bad for ALM, you promised secrecy but didn’t deliver.”
In addition, they maintain that the vast majority of female profiles on Ashley Madison are fictional in the following online message that accompanied the data dump.
Denver Broncos v. Arizona Cardinals - HALF PRICE GAME
TicketsThu., Aug. 31, 7:00pm
Denver Broncos vs. Arizona Cardinals
TicketsThu., Aug. 31, 7:00pm
Rocky Mountain Showdown - CU v CSU Football vs. University of Colorado Buffaloes
TicketsFri., Sep. 1, 6:00pm
Colorado Rockies vs. Arizona Diamondbacks
TicketsFri., Sep. 1, 6:40pm
Colorado Rockies vs. San Francisco Giants
TicketsMon., Sep. 4, 1:10pm
In response to the hackers' action, Avid Life Media has posted a long statement that reads in part, "This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities."
Here's a 7News report looking at the development from a local angle, followed by the complete ALM statement and our earlier piece on the subject.
Avid Life Media statement:
Last month we were made aware of an attack to our systems. We immediately launched a full investigation utilizing independent forensic experts and other security professionals to assist with determining the origin, nature, and scope of this attack. Our investigation is still ongoing and we are simultaneously cooperating fully with law enforcement investigations, including by the Royal Canadian Mounted Police, the Ontario Provincial Police, the Toronto Police Services and the U.S. Federal Bureau of Investigation.
We have now learned that the individual or individuals responsible for this attack claim to have released more of the stolen data. We are actively monitoring and investigating this situation to determine the validity of any information posted online and will continue to devote significant resources to this effort. Furthermore, we will continue to put forth substantial efforts into removing any information unlawfully released to the public, as well as continuing to operate our business.
This event is not an act of hacktivism, it is an act of criminality. It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities. The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society. We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world. We are continuing to fully cooperate with law enforcement to seek to hold the guilty parties accountable to the strictest measures of the law.
Every week sees new hacks disclosed by companies large and small, and though this may now be a new societal reality, it should not lessen our outrage. These are illegitimate acts that have real consequences for innocent citizens who are simply going about their daily lives. Regardless, if it is your private pictures or your personal thoughts that have slipped into public distribution, no one has the right to pilfer and reveal that information to audiences in search of the lurid, the titillating, and the embarrassing.
We know that there are people out there who know one or more of these individuals, and we invite them to come forward. While we are confident that the authorities will identify and prosecute each of them to the fullest extent of the law, we also know there are individuals out there who can help to make this happen faster. Anyone with information that can lead to the identification, arrest and conviction of these criminals, can contact firstname.lastname@example.org.