Hackers Publish Stolen Data From Adultery Site Ashley Madison

Ashley Madison founder Noel Biderman demonstrates his website on a tablet computer during an interview in Hong Kong on August 28, 2013. Bobby Yip/Reuters

Hackers who stole the personal information of adultery website Ashley Madison.com's 37 million users last month reportedly dumped the data on the dark web late Tuesday night, according to cybersecurity experts.

The leaked information included member accounts and credit card details from the match-making sitewhich bears the slogan "Life is short. Have an affair"in a 9.7 gigabyte dump on to the dark web.

The dark web is a collection of websites that require additional software to access, rendering the Ashley Madison information only accessible by encrypted browsers such as Tor, tech website Wired reported. Newsweek did not access the data leak and could not verify its authenticity.

The hacker group Impact Team had released some of the data in July with a threat to publish further details of Ashley Madison's customer base unless the website and EstablishedMen.com, both owned by Avid Life Media, were shut down.

The hacker group posted an online statement to accompany the data leak, explaining that they had released the information because Toronto-based Avid Life Media refused to take down the sites.

"Avid Life Media has failed to take down Ashley Madison and Established Men," the group said. "We have explained the fraud, deceit, and stupidity of ALM and their members. Now everyone gets to see their data."

The data could compromise millions of Europeans and North Americans. Americans and Canadians form the majority of the website's 37 million user base while Ashley Madison CEO Noel Biderman revealed to Newsweek in April that the site had 1.3 million registered users in Spain, 1.1 million in the U.K., and between 60,000 and 70,000 each in France, Italy and Germany before the hack.

It remains unclear how many of the website's 37 million users will be compromised by the leak and a representative from Ashley Madison did not immediately respond to a request for figures on American and Canadian users of the site.

However, Professor Alan Woodward, a cybersecurity expert at the University of Surrey who advises the European crime body Europol on cybercrime, says that the hackers appeared to have carried out their threat to release all of the Ashley Madison data at their disposal.

"It looks like it is the full database they have dumped out. Everything suggests that the data is real," he says, adding that many of the site's customers use false names and may therefore be protected from public humiliation. "What is interesting is that a lot of them are just pseudonyms. If anyone is going to be sensible on this site they would have used a pseudonym. A lot of the email addresses are so-called burner accounts, only used for this."

Troy Hunt, a security expert for Microsoft, also confirmed on Twitter that at least one million unique email addresses were attached to payment records made to the website.

"Ashley Madison data is almost certainly legit, too many things that simply couldn't have been faked or would have been enormous effort," he wrote.

Avid Life Media said that the leak was "not an act of hacktivism, it is an act of criminality," in an email to Newsweek.

"It is an illegal action against the individual members of AshleyMadison.com, as well as any freethinking people who choose to engage in fully lawful online activities," the statement read. "The criminal, or criminals, involved in this act have appointed themselves as the moral judge, juror, and executioner, seeing fit to impose a personal notion of virtue on all of society.

"We will not sit idly by and allow these thieves to force their personal ideology on citizens around the world," it continued. "We are continuing to fully cooperate with law enforcement to seek to hold the guilty parties accountable to the strictest measures of the law."

The company, which plans to float Ashley Madison on the London Stock Exchange later this year, also confirmed that its investigation was being conducted in cooperation with the FBI, the Royal Canadian Mounted Police, the Ontario Provincial Police and the Toronto Police Services.

The hack of Ashley Madison in July occurred less than two months after AdultFriendFinder, a dating site that matches users based on sexual fetishes and preferences, was hacked and confidential information from 3.5 million users was leaked.